cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed

Security Changes Affecting SAS Systems Q&A, Slides, and On-Demand Recording

Started ‎10-24-2025 by
Modified ‎10-24-2025 by
Views 2,094
Ask the Expert - Security Changes Affecting SAS Systems.pdf

Watch this Ask the Expert session to learn how to implement the new security configurations and installations for SAS software. 

 

Watch the Webinar

 

You will learn about:

  • Major security changes by OS vendors and SAS’ change to its installation process.
  • TLS as the ongoing security encryption that will replace AES et al.
  • The changes and how to implement the new security configurations and installations.

The questions from the Q&A segment held at the end of the webinar are listed below and the slides from the webinar are attached.

 

Q&A

In regard to MFA, what about with Azure AD on SAS 9.4 with MFA

Are you running SAS in the Azure cloud?

 

No, but we authenticate with AD and soon moving to Azure AD.

It is on the list for support, but there is no ETA on when it will be supported.

 

Which version supports MFA?

SAS 9 R&D Plans to incorporate MFA authentication into the Azure AD Domain. The ship even timing of this is dependent upon many developement schedules and factors and won’t likely ship until at least a 2026 Ship Event.

 

Does this TLS in configuration also update the setenv/wrapper/server.xml files in all SASServerX_X folders?

When initially deploying TLS with SAS Deployment Wizard, all files and properties in the SAS Web Application servers are updated and modified to support TLS. No additional manual changes are required to enable TLS. This was effective beginning with the release of SAS 9.4M9.

 

If we forgot to enable at the time of deployment, can we enable it manually and where?

Yes, you can enable it manually. There is a step-by-step process that tech support can guide you through to ensure nothing is missed in any of the server configurations. It's important to cover all of them; otherwise, one thing may work, but you could encounter issues with another IOM server. It is definitely possible to do this later if needed. Currently, we are handling it manually. Once automation is in place, you shouldn’t need to do it manually, but if you prefer or need to implement security at a later time, there will be a path to do so. The process should be straightforward—you'll just need to follow the instructions.  Please note there are plans to provide functionality in SAS Deployment Manager to enable TLS without manual effort and development is ongoing. 

 

Is unconfiguring TLS through SDM or manual? Removing TLS config if it was configured earlier

The current plan is to configure or unconfigure TLS via SAS Deployment Wizard and SAS Deployment Manager without manual effort. There will be a manual workarounds if needed. The ship date for this has not been scheduled, but likely sometime in a 2026 Ship-Week event.

 

Recommended Resources

SAS Help Center: Cryptographic Library Support (Starting with SAS 9.4M8)

SAS Help Center: Encryption for Data at Rest

SAS Help Center: Encryption for Data in Motion

SAS Help Center: What's New

SAS Help Center: Using Operating System OpenSSL Libraries with SAS 9.4M8

SAS Help Center: Transport Layer Security (TLS) and Middle-Tier Servers

Please see additional resources in the attached slide deck.

 

 

Want more tips? Be sure to subscribe to the Ask the Expert board to receive follow up Q&A, slides and recordings from other SAS Ask the Expert webinars.

0 Likes
Version history
Last update:
‎10-24-2025 12:20 PM
Updated by:
Community Manager

Catch up on SAS Innovate 2026

Nearly 200 sessions are now available on demand in the Innovate Hub.

Watch Now →

SAS Training: Just a Click Away

 Ready to level-up your skills? Choose your own adventure.

Browse our catalog!

Article Labels
Article Tags