As more organizations make the move to SAP HANA-based solutions, many of those same companies are failing to recognize that building a solid security strategy is just as important as the platform itself. With most of the SAP ecosphere running something based on SAP HANA, solutions like Suite on SAP HANA (SoH) and S/4HANA are bringing the dream of running ERP and Analytics on the same platform to life, prompting more organizations to grant access directly to the SAP HANA database.
But is that the best strategy to keep your valuable data secure? Have you considered the gaps that exist in your SAP HANA security model? Do you HAVE an SAP HANA security strategy in place? Here are the top five reasons all organizations need to address their SAP HANA security model before it’s too late:
- Fraud can cause an organization to lose both money and its valuable reputation. When an SAP HANA system operates an SAP ERP application serve, someone only needs to INSERT, UPDATE or DELETE access to the SAP ERP tables to commit mass fraud.
- When your SAP ERP system is offline, it is hard to conduct business. So yes, securing your SAP HANA system is also about system availability. An untrained administrator with a high level of privileges can be just as dangerous as a hacker trying to bring down your system. You’ll need a sound SAP HANA security model, SoD and training to prevent these types of mistakes.
- Hackers try to gain access to your systems and data for a variety of reasons. Typically, they’re not breaking in to perform routine maintenance. More likely, they hack into your system to steal information, commit fraud, extortion, denial of service and other malicious acts. You must make it very difficult for them to penetrate your SAP HANA database security.
- Compliance means that resistance to implementing SAP HANA security if futile. Most organizations have obligations to external regulatory agencies and must adhere to their security standards. SAP HANA is one of many systems that are subject to numerous regulations. Therefore, you need to have a security model and security strategy for all SAP HANA systems.
- Access to data must be governed. Almost all SAP HANA solutions involve the storage of master data and transaction data. Such data often needs to be segregated within the organization. Without a proper security model in place, most organizations have no means of securely distributing data hosted in SAP HANA.
To help organizations understand what’s required to create a sound SAP HANA security model, I recently authored a book titled SAP HAN Security Guide, now available from SAP-Press and Rheinwerk Publishing.
The book addresses the following key areas of security and other topics:
|User Provisioning||Repository Roles|
|Object Privileges||System Privileges|
|Package Privileges||Analytic Privileges|
|Encryption||Auditing and Monitoring|
Jonathan is currently working as a Director at Protiviti. He has over 16 years of BI and IT experience. He currently focuses exclusively on Business Intelligence tools, technologies and EIM processes. He has helped hundreds of companies implement BI tools and strategies over the past 10 years. With Protiviti, he primarily works with the SAP BusinessObjects IDD and EIM tools. This includes experience with Data Integrator, Data Services, Universe Design, Web Intelligence, Crystal Reports, Xcelsius, BusinessObjects Enterprise, HANA, BOE architecture and server sizing. He is also a contributing author to the SAP Press book “Implementing SAP HANA” and the SAP Insider Book “SAP HANA HA and DR Essentials” The views and opinions on this blog are my own. They do not necessarily represent the views and opinions of Protiviti or SAP.