HackDig : Dig high-quality web security articles for hackers

Securing SAP Clouds [New Paper]

2017-02-08 14:00

Use of cloud services is commonplace within IT. Gmail, Twitter, and Dropbox are ubiquitous; as are business applications like Salesforce, ServiceNow, and QuickBooks. But along with the basic service, you outsource much of the security for the applications. But as more firms move critical back office components like SAP HANA to public Platform and Infrastructure services, they assume much more responsibility for security. How to assemble a security strategy for complex applications such as SAP HANA is far from clear, nor how to adapt existing security controls to an unfamiliar environment where only partial control is available.

As we have received an increasing number of questions on SAP cloud security, this research paper was created to tackle the main security questions we have received. When we originally scoped this project we intended to focus on the top five questions we’d heard, but we quickly realized that would grossly under-serve our audience, and instead we should help to design a more comprehensive security plan. So we took a big picture approach, examining a broad range of concerns, including how cloud services differ, and then map existing security controls to fit cloud deployments. In some cases our recommendations are as simple as changing a security tool, or negotiating directly with your cloud provider, while in others it means adopting an entirely new security model.

In this research paper we will highlight the division of responsibility between you and your cloud vendor, which tools and approaches are cloud-viable, how to adapt your security model, and advice for putting together a complete security program for SAP cloud services. We focus on SAP’s HANA Cloud Platform (HCP), but as we encountered and equal number of firms deploying atop IaaS services, we will cover both environments. The approaches can vary quite a bit, as the tools and built in security capabilities are different, so we will compare and contrast the two when appropriate.

Finally, we would like to thank Onapsis for licensing this content. Community support like this enables us to bring independent analysis and research to you free of charge. We don’t even require registration! You can grab a copy of the research paper directly, or visit the paper’s landing page in our research library, and please visit Onapsis if you would like to understand how they help provide security for both cloud and on-premise SAP solutions.

- Adrian Lane (0) Comments


Source: repap-wen-sduolc-pas-gniruces/golb/moc.sisoruces.www

Read:4828 | Comments:0 | Tags: Cloud

“Securing SAP Clouds [New Paper]”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud