The document discusses SAP's cloud security practices. It covers several areas:
- SAP's cloud portfolio and focus on security as core to their cloud business model.
- The various security regulations and requirements SAP aims to comply with regarding things like data centers, networks, identity management and data security.
- How SAP implements logical and physical isolation of customer data through dedicated infrastructure, encryption, access controls and other means.
- SAP's backup/recovery and compliance capabilities like frequent encrypted snapshots and audit logging to support regulations.
2. About me
• Rasmi Swain
• Enterprise IT Consulting & Delivery
• Enterprise IT architecture
• SAP ECC 6.0, SAP BW, BO–BI
• HANA Analytics, HANA Cloud
• SAP Mobility (SMP 3.0, FIORI, MDM, Mobile Security)
• Information Security (Cloud Security, GRC, ISO 2700K)
• E-Governance & Smart City
SAP Cloud Security
3. Contents
• SAP Cloud Solutions
• Security Regulations
• Security Requirements
• Data Center Security
• Physical Security
• Network Security
• Data Security
• Backup/Recovery & Compliance
• Identity management
4. SAP a Cloud Company
• SAP + HANA + SF + ARIBA + Sybase
• Most Comprehensive cloud portfolio solutions
• Data security and data privacy is part of the DNA
Source : SAP
6. Trust: the #1 asset in cloud business
- Security, data protection, and data privacy became more important.
- A single case of data loss hits the whole industry.
- If a single company fails in the cloud, no vendor in this service can bet on more subscribers. It's a lose-lose.
- Handle data with the utmost discretion and allow business-critical processes to run securely.
- Protect customers against unauthorized data access and misuse, and against disclosure of confidential data.
Source : SAP
7. Security Regulations
• HIPAA
• PCI-DSS, ISO 27002, BS7799
• ISO 27001/27017
• PII/Privacy
• EU Data Protection 95/46/EC
• e-Privacy Directive 2002/58/EC
• ASIO-4, FIPS Moderate
• BS10012, SSAE-16/SOC2
8. Security Requirements
• CSP (Cloud Partner) must be compliant
• US-EU Safe Harbor
• Employee background check
• Physical security
• Physical data location
• Unauthorized data access (credential theft)
• Data theft by insiders
• Firewalls to prevent 3rd party attacks
• Operational compliance
• Shallow security
• Data portability
• Business continuity security
9. Data Center Security
[Diagram: data center security areas and the standards they map to]
• Areas: Location & Physical Security, Network Security, DB Security, Backup & Business Continuity, Compliance
• SOC2 Privacy Trust Criteria
• BS10012: privacy standard used internationally
• BS25999: certified
• ISO 9001: certified
• ISO 27001: certified
• SSAE16: testified
• ISAE3402: testified*
10. SAP Cloud Security – Physical Security
Areas covered: Building, Power, Fire + Flood, Cooling
Reinforced concrete construction
Hundreds of surveillance cameras with digital recording
Fully monitored doors
Tens of thousands of environmental sensors
Security guards and facility support team onsite 24x7x365
Biometric sensors + card readers to access secured areas
Multiple redundant internet connections from multiple carriers
Redundant power sources
Hundreds of UPS units with additional capabilities of 20 min
Auxiliary, expandable diesel power supply, online within minutes
Diesel fuel storage sufficient for 48-hours of operations without refueling
Contracts with external diesel suppliers to guarantee continuous operation
Fire and flood protection
Redundant, environmentally friendly, Inergen fire extinguisher System
Thousands of fire and flood surveillance sensors
100% redundant air conditioning
Auxiliary cooling capacity
Source – SAP
11. SAP Cloud Network Security
Multi-tiered Network Architecture
• End-user traffic is limited to the front Demilitarized Zone (DMZ) tier of Web servers only.
• Each single tier in the hosting environment is organized into a DMZ-like pattern.
• This allows a firewall or Virtual Local Area Network (VLAN) separation between each tier.
• Each request is individually validated before an independent request is created for the next tier.
• SSAE16-SOC2 Type II auditing twice a year.

Network controls
• Reverse Proxy Farms: hide network topology
• Multiple redundant Internet Connections: limit the effect of denial of service (DoS) attacks
• Data Encryption: highest level of protection with up to 256-bit data encryption protocols using Transport Layer Security*
• Intrusion Detection System: monitor web traffic 24 x 7 x 365
• Multiple Firewalls: shield internal network from hackers
• Third Party Audits/Penetration Tests: early and independent detection of security issues (e.g. program backdoors, network vulnerabilities, …)
* formerly known as Secure Sockets Layer

Communication between client and SAP leverages Secure Sockets Layer (SSL) or Transport Layer Security (TLS) encryption.
SAP solutions also support dedicated encrypted communication channels (WAN and VPN) for better access and integration.
SAP also provides customers a choice: the management of all security from top to bottom, or the ability to integrate SAP Cloud with their own industry-standard identity management solutions.
12. Data Security - Data Segregation
SaaS Multi-tenant Architecture - example SAP Cloud for People
With cloud solutions from SAP, there is a logical isolation within a SaaS application that extends down to the virtual server layer. In certain environments like the SAP HANA Enterprise Cloud, organizations will also get physical isolation via dedicated SAP HANA database servers that reside in dedicated customer network segments (VLANs).
[Diagram: multi-tenant architecture in three tiers]
• Service Tier: personal credentials, optional Single Sign On; Graphical User Interface, WebServices Interface, 3rd party application
• Application Tier: Core Tenant manager, XML Abstraction Layer, Instances A to D. A distinct application instance per customer enforces memory segregation.
• Database Tier: Instances A to D, each with its own schema (data, configurations). A distinct database schema per customer enforces data segregation.
13. Cloud SaaS delivery model- Data transmission & data flow control
Cloud solutions from SAP segregate heterogeneous data by using the following approach to build the application architecture and store the data:
• Unique database tables: Most service providers offering shared Web access have one set of database tables in a normalized database that is shared by many customers. In contrast, organizations that use cloud solutions from SAP share the network security infrastructure, Web servers, application servers, and database instance. However, each customer has its own set of database tables within its own unique database schema, which ensures complete segregation of tenants' data.
• Dedicated database servers: In case of a SAP HANA database, SAP provides a dedicated physical database server that is located in the customer cloud network segment.
• Encrypted data storage: When cloud solutions from SAP support database or file system encryption, all encrypted data is stored on disks using a minimum of AES 128-bit encryption.
• Secure levels: In SaaS services, the top two tiers (application and Web in later levels) are completely stateless. Cloud solutions from SAP dramatically reduce the security risk of these two tiers because no sessions are kept in memory or written to disk. This approach simplifies the construction of load-balanced server farms, as there is no need to keep the workloads on any given server.
• Movement of data: It is important to remember that data is moving through multiple tiers, and each level must ensure data security. Cloud solutions from SAP use a defense-in-depth strategy to provide segregation of data at all layers.
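The contrast drawn under "Unique database tables" can be shown with a small added example (not SAP code): the same application query that forgets its tenant filter leaks rows in a shared-table design but not when each tenant's connection only has its own schema attached. The tenant names and invoice rows are constructed, and SQLite attached databases stand in for database schemas as an assumption.

```python
import sqlite3

# Constructed sample data: two tenants, one invoice each.
ROWS = {"tenant_a": [("A-1001", 250.0)], "tenant_b": [("B-2001", 990.0)]}

def shared_table_db():
    """Shared model: one normalized table, rows tagged with a tenant_id column."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices (tenant_id TEXT, doc_no TEXT, amount REAL)")
    for tenant, rows in ROWS.items():
        db.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                       [(tenant, d, a) for d, a in rows])
    return db

def schema_per_tenant_db(tenant):
    """Per-tenant model: the connection serving a tenant's request has only
    that tenant's schema attached (SQLite attached database = schema here)."""
    if tenant not in ROWS:  # allow-list check before the name reaches any SQL
        raise PermissionError(f"unknown tenant {tenant!r}")
    db = sqlite3.connect(":memory:")
    db.execute(f"ATTACH DATABASE ':memory:' AS {tenant}")
    db.execute(f"CREATE TABLE {tenant}.invoices (doc_no TEXT, amount REAL)")
    db.executemany(f"INSERT INTO {tenant}.invoices VALUES (?, ?)", ROWS[tenant])
    return db

def list_invoices_buggy(db):
    """Application query whose author forgot the tenant filter."""
    return [r[0] for r in db.execute("SELECT doc_no FROM invoices ORDER BY doc_no")]

def cross_tenant_read_blocked(db, other):
    """True if another tenant's schema is unreachable from this connection."""
    try:
        db.execute(f"SELECT doc_no FROM {other}.invoices").fetchall()
        return False
    except sqlite3.OperationalError:  # no such table: <other>.invoices
        return True

if __name__ == "__main__":
    print("shared table  :", list_invoices_buggy(shared_table_db()))
    conn_a = schema_per_tenant_db("tenant_a")
    print("schema, as A  :", list_invoices_buggy(conn_a))
    print("A blocked on B:", cross_tenant_read_blocked(conn_a, "tenant_b"))
```

In a production database the same boundary is normally backed by per-schema grants on the database user, so it holds even if the application layer is bypassed.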
14. SAP Cloud Security – Backup/Recovery & Compliance
• Compliance features
- Journal entries that allow tracing of business transactions to source documents
- Number ranges that distinguish journal entries
- Accounting-relevant data cannot be deleted from audit trails
- Supports IFRS accounting regulations
- Solution documentation included
- Segregation of duties supported
• Snapshots: Backups are created with snapshots from disk to disk. This ensures fast creation, backups, and, if required, fast restoration.
• Frequency: Daily full backup. Log files incrementally backed up every two hours: all changes in database since the last full backup are saved.
• Location: Database and log-file backups are stored in a geographically separated data center but stay in the designated region.
• Objective: Recovery up to the last transaction is supported within the database recovery process. Maximum lost time for the customer is two hours if the primary data center is completely destroyed.
• Retention times: Backups of the last 3 days are kept on primary and secondary storage. Previous backups are kept up to 14 days in the geographically separated backup data center.
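A customer can check a provider's backup catalog against the figures stated on this slide. The following is an added example, not SAP tooling: the catalog format `(kind, finished_at)`, the sample entries, and the 10-minute `slack` tolerance are assumptions, while the intervals and retention periods are the ones given above.

```python
from datetime import datetime, timedelta

LOG_INTERVAL = timedelta(hours=2)    # slide: log files backed up every two hours
FULL_INTERVAL = timedelta(days=1)    # slide: daily full backup
NEAR_RETENTION = timedelta(days=3)   # slide: last 3 days on primary + secondary
FAR_RETENTION = timedelta(days=14)   # slide: up to 14 days in remote data center

# Constructed sample catalog: one full backup, then log backups with 08:00 missing.
DAY = datetime(2024, 3, 1)
CATALOG = [("full", DAY)] + [("log", DAY + timedelta(hours=h)) for h in (2, 4, 6, 10, 12)]
NOW = DAY + timedelta(hours=12, minutes=30)

def audit(catalog, now, slack=timedelta(minutes=10)):
    """Return findings where the catalog violates the stated backup frequency.
    `slack` (an assumption) tolerates ordinary job-runtime jitter."""
    fulls = sorted(t for kind, t in catalog if kind == "full")
    points = sorted(t for _, t in catalog)   # every restorable point, full or log
    findings = [] if fulls else ["no full backup in catalog"]
    for label, times, limit in (("full-backup", fulls, FULL_INTERVAL),
                                ("restore-point", points, LOG_INTERVAL)):
        for prev, nxt in zip(times, times[1:] + [now]):
            if nxt - prev > limit + slack:
                findings.append(f"{label} gap {nxt - prev} after {prev:%Y-%m-%d %H:%M}")
    return findings

def worst_case_loss(catalog, now):
    """Largest window of changes that would be lost if the primary site failed."""
    points = sorted(t for _, t in catalog) + [now]
    return max((b - a for a, b in zip(points, points[1:])), default=None)

def placement(finished_at, now):
    """Where the stated retention rule says a backup of this age should live."""
    age = now - finished_at
    if age <= NEAR_RETENTION:
        return "primary+secondary"
    return "remote" if age <= FAR_RETENTION else "expired"

if __name__ == "__main__":
    print(audit(CATALOG, NOW))
    print("worst-case loss:", worst_case_loss(CATALOG, NOW))
    print("10-day-old backup:", placement(NOW - timedelta(days=10), NOW))
```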
15. SAP SaaS delivery model- Identity management
• Internal authentication: Cloud solutions from SAP use an internal repository of user profiles when customers choose not to integrate their identity management product with SAP solutions.
• Federated authentication (single sign-on): The primary transport protocol for this trust mechanism is standard Hypertext Transfer Protocol Secure (HTTPS). In the SAP HANA® Enterprise Cloud service, a direct integration into the customer network and single-sign-on implementation is possible. Cloud solutions from SAP also use single sign-on features of the SAP NetWeaver® technology platform for system-to-system and administrator authentication.
• Cloud solutions from SAP support the Lightweight Directory Access Protocol (LDAP) and tokens, such as MD5, SHA-1, HMAC encryption, DES, and 3DES.
• The solution also supports Security Assertion Markup Language (SAML 1.1, 2.0).
• SAP Supply Network Collaboration with encrypted remote function call (RFC) and client/server personal security environment (PSE) verification.