SAP Cloud Platform Open Connectors

Access Control Overview

In order to help prevent unauthorized access to user accounts and information, SAP Cloud Platform Open Connectors has implemented a number of information security procedures and best practices.

  • SAP Cloud Platform Open Connectors and best practice require that all access to any information systems containing sensitive and/or customer information, including our platform, use multi-factor authentication.
  • Any user account that isn't used for 90 days will be disabled.
  • After five failed attempts to sign in to a user account, the account will be disabled. A locked account will automatically reactivate after at least 30 minutes.
  • Manager approval is required before access or privileges to SAP Cloud Platform Open Connectors information processing systems can be granted.
  • You are strictly prohibited from using shared or group accounts, or sharing credentials.
  • Except for password resets, all changes to user accounts—including termination, creation, or privilege modification, must be approved by a superorg or org admin.
  • The password configurations for length and complexity, managed from the Security tab, identify the minimum requirements of a usable password. For example, the following length and complexity requirements mean that user passwords must be at least eight characters, and include at least one uppercase and lowercase character, one number, and one symbol.

    Length and Complexity

    The Symbol Character Set defines the allowed symbols. If you require symbols as part of your password policy, you can use this field to add or remove specific symbols.

Best Practices for Users

We also recommend that your organization implement the following best practices:

  • Because users are responsible for all actions performed using under the context of their identity, ensure that all users have their own respective, unique credential. Regardless of its form—a username, badge, or token—this credential must never be shared with any other person, regardless of whether or not they are also part of the same organization.
  • Limit administrator privileges to the fewest staff possible to perform sensitive duties. For each person who has administrator rights to any part of the SAP Cloud Platform Open Connectors platform, you must have documented justification for their inclusion.
  • If a user is terminated, their access to the SAP Cloud Platform Open Connectors platform should be immediately revoked.