SAP’s transition to an enterprise cloud company has changed the way SAP customers consider and implement their enterprise security strategy. The inclusion of SAP HANA-based systems adds further complexity to these considerations, particularly when these systems are running in hybrid or cloud-based environments. Organizations now need to find a way forward that doesn’t rely on existing physical and network security, and instead expands the security perimeter to include not only local systems, but also those that are running in cloud-based environments.

After speaking with many SAPinsiders, Robert Holland, Vice President of Research and Publishing at SAPinsider, summed up the results by saying that a successful security strategy must be “comprehensive, integrated, and part of the corporate culture.” A survey conducted earlier this year by SAPinsider asked members of our community several questions about their current enterprise security strategy. Holland will discuss these sentiments along with SAPinsider’s research on the topic during our live webinar, Impact of the Cloud and SAP HANA on Enterprise Security Strategy, occurring on Wednesday, May 6 at 2:00pm, US Eastern Time.

For now, here are five things SAPinsiders are saying:

1. The biggest challenge is a lack of resources or expertise. “Many organizations simply do not have the resources to have a dedicated team focused on security of SAP solutions. Given the number of solutions many customers are running, and the fact that they may be running both locally and in hybrid or fully-cloud environments, it is often difficult to keep up just with the SAP Notes and patches that are recommended by either SAP or user group organizations,” Holland says.
2. Any successful enterprise security strategy needs to be holistic. “With deployment models now including the cloud, a successful strategy needs to encompass physical security, system security, application security, and data security. It also needs to be integrated into day-to-day business activities and practices so that everyone within an organization understands why it is important,” Holland says.
3. Integrating your security strategy with your business processes is essential. Holland says, “Nearly half the survey respondents indicated that they faced the challenge of security disrupting operations. If you want your security strategy to be effective it needs to be integrated with your business processes so it is seamless and non-disruptive to end users—or they will not use it.”
4. Education is key. Holland notes that 46% of respondents indicated that they were seeing improved security awareness because of training and education programs that they were conducting. “End-users have to understand the security strategy if you want them to use it effectively.”
5. Plan for a security strategy that includes the cloud. “In our past research, over 90% of SAPinsiders had at least looked at cloud-based solutions, and in this study 56% said that they were running at least one cloud-native solution. While everyone may not be running a cloud solution yet, there is a high likelihood that they will be doing so in the future and should plan for that accordingly,” Holland says.

During the live webinar, Holland will go into more detail about SAPinsider’s research into customers’ Enterprise Security Strategies. Attendees will have the opportunity to ask questions in real-time and gain a better understanding of:

• What is driving Enterprise Security Strategy
• What actions organizations are taking to those drivers
• Key requirements and technologies
• Recommendations to help your organization implement a successful security strategy