SAP in the Cloud: Security Essentials

View Archived Issues

SAP in the Cloud: Security Essentials

This book, SAP in the Cloud: Security Essentials, focuses on security topics associated with cloud computing within the SAP space, with an emphasis on IBM offerings.

Table of Contents

Back to Top

Chapter 1: On Premise vs. The Cloud

Before we get into what goes into cloud security, we need to have a basic understanding of what a cloud deployment means to your IT environment. We’ll talk about the types of clouds and the layers of cloud computing that you can use, then finish with a discussion of what an SAP system can look like in a cloud environment and some of the threats that the system can face.


Read More

Chapter 2: Risk Management and Security Standards

In this chapter, we’ll provide an overview of both risk management techniques and security standards. Risk management will give you a context in which to understand the threat landscape that a cloud environment faces. Later chapters will build on the ideas we present here so that with every aspect of a cloud environment—the network, the hardware, the user controls—you’ll be able to understand whether a cloud provider’s standard setup meets your business needs or if you need to add additional security controls to its offering. After that, we’ll talk about security standards that your provider can certify to in order to prove its cloud environment secure. We’ll cover the major ones—SOC and ISO—in depth while touching on some minor standards. Finally, we’ll discuss some of the regulations that may apply to your data in a cloud environment.


Read More

Chapter 3: Physical Security

Here we start talking about the actual threats a data center will face and security controls they can implement to lower their risk. This chapter covers the physical servers, network cables, and buildings that make cloud computing possible. We discuss how they prevent damage that would interrupt your service and unauthorized access that could compromise your data. You'll come away with knowledge about how data centers should work, the questions you should ask, and how you can secure your own premises so your access points are as secure as your cloud environment.


Read More

Chapter 4: Network Security

In this chapter, we'll run through the threats that a networked environment like a cloud faces and the countermeasures a provider can take to stop them. The chapter will cover things like firewalls, VLANs, VPN, and more, as well as cover how an SAP system looks in a networked environment. You'll come away with a glimpse of how a cloud provider can organize their network defense to protect your data, as well as the range of additional options that you have to protect your connection to that data. 


Read More

Chapter 5: Hypervisor Security

This chapter introduces hypervisors and virtualization, the core technologies that make cloud computing possible. We'll go deep into how virtualization works and how it protects your virtual machines and allocates computing resources. But we'll also touch on the security challenges and how providers are rising to meet those challenges. By the end, you'll have a good understanding of what virtualization means and how it protects your data. You'll understand the extra features you can look for in a hypervisor to increase your security profile and how you can configure your SAP system to make efficient use of flexible resources. 


Read More

Chapter 6: Encryption

This chapter details how encryption protects your data, both while sitting idle on a drive and travelling over networks. We'll cover the technologies around encryption and how you can enable them in you SAP system. You come away with an understanding of the importance of encryption and proper key management, as well as the ways that encryption can go wrong.


Read More

Chapter 7: User Access Controls

In this chapter, we talk about how SAP manages users and roles and how that prevents even the best intentioned users from making a mess of things. We discuss how to separate your user roles to prevent mishandled data and how to ensure individual user security. This chapter is the heaviest in SAP details, so you should come away from it knowing how to create your users and roles and how to make sure those credentials stay secure. 


Read More

Chapter 8: Software Updates

This chapter covers the importance of software updates. It may seem like a boring topic, but keeping software up to date is essential to good security. We also talk about how a provider can implement updates without interrupting your service. You'll understand how those updates have prevented issues in the past and where to look for new SAP notes, which detail fixes. You should be able to ask intelligent questions about their update policy to make sure it's as aggressive as you need it to be. 


Read More

Popular Chapters

View More
  • Chapter 4: The Launch Phase

    This chapter examines the first of four phases every cloud implementation should have, beginning with the Launch phase and opening with an explanation of on-boarding methodology. While not a rehash of project management methodology, it provides best practice recommendations for selecting a project team, finding a partner, establishing project governance, creating project plans, reviewing and defining scope and transition, defining priorities, and refining roles and responsibilities.

    Read More
  • Chapter 3: SAP on the Cloud: In Depth

    This chapter examines SAP’s new cloud platform based on SAP HANA and how it is different not only from other similar applications but even from other SAP implementations. It also makes the case for on-premise implementations versus cloud managed services. It asks the question: If my SAP implementation is mission critical, should it be on the cloud? It also presents an overview of the methodology of moving SAP to the cloud, including a detailed discussion of SAP’s newest cloud platform based on SAP S/4HANA.

    Read More
  • Chapter 8: Software Updates

    This chapter covers the importance of software updates. It may seem like a boring topic, but keeping software up to date is essential to good security. We also talk about how a provider can implement updates without interrupting your service. You'll understand how those updates have prevented issues in the past and where to look for new SAP notes, which detail fixes. You should be able to ask intelligent questions about their update policy to make sure it's as aggressive as you need it to be. 

    Read More
View More

Do you #LearnLikeAnInsider?

See what it means to redefine reading and start to #LearnLikeAnInsider today.

insiderBOOKS Video

From The Blog