Technology Blogs by SAP
Using the eBook to help manage SAP Cloud Systems:

The Security for SAP Cloud System eBook will help you learn about security in your SAP cloud system. You will understand where security responsibilities lie (with SAP or with the customer) and then take a tour of the practices, services, and tools that ensure your cloud operations are secure, including compliance guidelines and local regulations such as GDPR. You will also see how security regulations impact your cloud system.


Why I wrote the ebook, Security for Cloud Systems

After being at SAP for more than a decade, having helped hundreds of customers around the globe across all industries, I was honored when SAP Press invited me to write an ebook elaborating on my expertise on security in the cloud. A friend once told me a life is incomplete until one plants a tree, has a child, and writes a book. How right he was: writing a book has allowed me to bring together my years of experience and knowledge for easy dissemination and sharing.

This book elaborates on a fairly simple approach for how to manage Security with SAP (On Premise and Cloud) solutions.

Managing cyber-security is complicated, and it gets more complex when business-critical data is handled in a Cloud environment. Transparency about the role that products and services play in a software solution requires a detailed understanding of the technology platform, the legal agreement, and the security policy before data is handed over.

I have helped countless SAP premium customers (known as “MaxAttention customers”) on a variety of solutions, including Security Optimization Service, Security Workshop, and planning their Security Roadmap for SAP projects. In addition, I have had many discussions with customers on Cloud migration and addressed concerns over implementing multiple SAP security solutions, such as GRC, SolMan, and ETD. This work motivated me to help customers understand how SAP drives Security into the Cloud solutions portfolio: from securely delivering the Intelligent Enterprise, to the shift of responsibilities from on premise to SAP cloud, to SAP Cloud Secure and, finally, the role of regulations such as GDPR and others around the globe.

A Quick Summary of Topics in the Book

  • SAP’s Intelligent Enterprise strategy drives security from services to products

  • There is a responsibility shift when going from an on premise environment to the SAP Cloud

  • SAP Cloud Secure offers multiple layers of assurance, which provide transparency

  • The role of the EU’s GDPR in Data Privacy for SAP

SAP’s Strategy Delivered with Security in Mind

In 2019, SAP helps customers turn into intelligent enterprises by implementing SAP’s Intelligent Enterprise, a strategic initiative to help drive Visibility, Focus and Agility. How does security play a role?

  • SAP provides visibility, from logs to process efficiency

  • There is a focus on critical security requirements, from technology to regulations

  • An ability to be agile and adapt and respond in real time

This strategy is fundamentally changing how SAP applies its security from the Intelligent Suite to Digital Platform and finally improving the Intelligent Technologies. Customers can expect better integration and greater synergy within SAP systems. SAP delivers our products with three components in mind:

  • Secure Products

  • Secure Operations

  • Secure Company

More information can be found in the security tab of The SAP Trust Center.

Security Responsibility

As described in Chapter One of my book, with a strategy focused on securing the Intelligent Enterprise as the foundation for delivering Secure Products and Secure Operations, the security responsibility remains shared between customers and SAP. In general, there are two key points:

  • The security of the Code that delivers the service is assumed by SAP

  • The security of the use of the application is always shared between how the customer implements the solution and the feature or platform delivered by SAP.

More information can be found in the ASUG Webinar: Ten Best Practice to Mitigate Risk to your SAP System – What You Need to Know and Do Today!

SAP Cloud Secure and Layers of Assurance

To provide transparency on how SAP manages security in the Cloud, SAP Cloud Secure, together with the Layers of Assurance, has been put in place. I clarified them in detail in Chapter 3, where I describe how SAP Cloud Secure includes different layers of assurance, which are:

  • Contractual Agreement (the legal agreement between customer and SAP)

  • Independent Validation (the audit and certification)

  • Security Standards Management (the best practices)

  • Secure Architecture (the protection of the platform and application)

The Layers of Assurance provide a transparent and easier approach to understanding SAP’s commitment.

The role of GDPR in SAP

Finally, SAP’s commitment to provide peace of mind in security and comply with local regulations remains unchanged. The EU’s GDPR and other local regulations have fundamentally changed security as it relates to data privacy. The vow to comply with data privacy regulation is listed in the Data Processing Agreement (DPA), part of the Contractual Agreement, where SAP lists Technical Organizational Measures, and in Appendix 3 of the DPA, coupled with the relevant Articles of GDPR.

For those who are new to GDPR, I have written a blog on How GDPR is Disrupting the Global Privacy Law and Benefiting Us, where I provided an overview of its importance across the globe. In Chapter 10 of the eBook, I explain the important process of how local regulations, including GDPR, are affecting SAP’s Data Privacy Controls.

In summary:

  • I shared my experience in Security for SAP systems in the eBook, including how SAP delivers security in SAP Cloud System

  • SAP security strategy covers products, operations and company

  • The responsibility over security is shared by both customer and SAP

  • SAP ensures security in the cloud through SAP Cloud Secure using layers of assurance

  • GDPR is the main driver of data privacy practice in SAP


The same blog is posted on LinkedIn.