Success Story: Vetropack Group
Improved efficiency and significantly increased IT security through secure authentication with SAP Single Sign-On 3.0
The primary objective of the project at Vetropack Group, starting February 2021, was to significantly increase the security of the entire SAP application landscape in terms of confidentiality, authenticity, and integrity. By installing the SAP Single Sign-On 3.0, our customer was able to improve the user experience, ensure high security and reduce the service desk support. Despite the large number of SAP systems, the aforementioned requirements could be implemented in less than 15 days thanks to the proven Xiting project methodology. The optimal coordination of all activities and the efficient project management and collaboration between Vetropack and Xiting brought this project to a productive state within a few months.
„With the help of Xiting, we managed to connect our SAP systems to the SSO very quickly. The know-how of Xiting, which went beyond the pure matter of SAP SSO, was particularly welcome and contributed significantly to the fast and successful implementation of the project.“Hartmut Schroff
At the start of the project, the authentication between client and server was still partially unencrypted, while the authentication to SAP was based on usernames and individual passwords. The primary goal of the project carried out at the Vetropack Group was the implementation of the SAP solution Single Sign-On (SSO) for all SAP users and systems.
The aim was to configure all SAP systems for the Kerberos/SPNEGO-based login to subsequently obtain secure and easy access to the SAP applications and to achieve an end-to-end SSO experience for all user accesses. At the same time, the communication protocols should be encrypted, and all SAP applications should be integrated into the secure authentication process. The coordination of the SSO implementation with the SAP S/4HANA release upgrade was another objective.
Starting with the implementation of the kick-off workshop, the analysis of the individual requirements as well as that of the components involved, the project went on with the comprehensive conception and POC setup. In addition, numerous activities, and configuration adjustments as well as down times had to be well coordinated between the different project stakeholders. After successful tests and the final adjustment of the parameters, the configuration specifications could be transferred to the further stages from pilot to roll-out.
Thanks to the structured approach and the detailed documentation, the project went into productive operation with little effort and within a short time. We achieved a significant reduction in password-related support requests and a simplification of the user workflow.
The implementation of SAP Single Sign-On 3.0 at Vetropack had a significant and immediate effect on users, administrators and the security of its SAP systems. The security of user identities and SAP systems has been massively improved, communication encryption implemented, while also minimizing the risk for potential attacks, given that the login now requires a security token from a central ID provider.
- Explained! #1: SAP IAS Proxy Mode and ID-Federation - 6. March 2023
- Connecting SAP Identity Authentication Service as a proxy to Azure AD using OpenID Connect | Xiting E-Book - 15. December 2022
- Success Story: Vetropack Group - 27. June 2022