Is your SAP (or other ERP) system secure

Photo credit – “(C) S. Bougerolle 2004″
One good thing about having a large enterprise tool that manages the various aspects of business processes of your business is the greater efficiencies you gain.
However, one down side is the number of potential security holes. With a large ERP system, used by many users with so many different authority levels and access remote and local ensuring the system is secure is so important.
With this in mind SAP AG (NYSE:SAP) today announced a new service offering to help customers ensure the security of their SAP(R) systems. The service, SAP(R) Security Optimization, entails a comprehensive evaluation of critical security settings across the customer’s SAP system landscape to identify and eliminate potential vulnerabilities and minimize the risk of unauthorized intrusions.
With the growing complexity of corporate IT landscapes and their increasing exposure via Internet gateways, enterprises have become increasingly vulnerable to security breaches. Systems that formerly had been accessible only from within the company can now be accessed externally by employees, business partners and, with the prevalence of online shops and customer service Web interfaces, also by customers.
Performed remotely by SAP and to a large extent automated, SAP Security Optimization searches for vulnerabilities in an enterprise’s SAP landscape — from applications and middleware, to Internet gateways and interfaces to partners’ systems, to user authorizations. Following the one- to two-day evaluation, customers receive a detailed analysis of security gaps and vulnerabilities — prioritized according to severity and probability — and action plans on how to resolve them. The recommended security measures can be carried out by the customer or by experienced security consultants from SAP Consulting and certified SAP partners.
I wonder if SAP is doing this because they care about customers or more as a way to increase revenue via expensive consulting services.