The Inner Circle

 View Only

  • 1.  Best Practices for Securing SAP Servers in a Cloud Environment

    Posted Feb 21, 2025 04:49:00 AM

    Hey everyone,

    I'm looking for insights on securing SAP servers in a cloud environment. With more enterprises moving their SAP servers and workloads to cloud platforms like AWS, Azure, and GCP, security has become a major concern.

    What are some best practices for ensuring SAP servers remain secure in the cloud? Here are a few I've come across:

    🔹 Network Security – Use private subnets, firewalls, and VPNs to restrict access.
    🔹 Identity & Access Management (IAM) – Enforce least privilege access, use MFA, and integrate with SSO solutions.
    🔹 Data Encryption – Encrypt data at rest and in transit using cloud-native security tools.
    🔹 Patch Management – Regularly update SAP and OS security patches to mitigate vulnerabilities.
    🔹 Logging & Monitoring – Enable cloud logging and SIEM solutions to detect threats in real time.
    🔹 Backup & Disaster Recovery – Implement automated backups and test disaster recovery plans.

    Looking forward to your insights.



    ------------------------------
    Arthur Leo
    Unknown
    Unknown
    ------------------------------


  • 2.  RE: Best Practices for Securing SAP Servers in a Cloud Environment

    Posted Feb 24, 2025 07:39:00 AM

    Hey;  

    It's not real clear if you're looking to self-host SAP on instances running in CSPs or of you're using SAP cloud that's hosted in one of those.  The amount of your effort will change depending on that answer; but, looking to SAP's security guides is a good first step.  These guides are available at https://help.sap.com/ and should have links to the documents below:

    SAP Security Guide
    SAP Basis Security Hardening Guide
    SAP Security Patch Day Notes
    SAP S/4HANA Security Guide
    SAP HANA Security Guide
    SAP NetWeaver Security Guide
    SAP Cloud Security Guides
    SAP Security Audit Log Configuration
    SAP GRC Documentation

    HTH.

    Doug



    ------------------------------
    Doug OLeary
    Security engineer
    Multiplan Inc
    ------------------------------

    Original Message


  • 3.  RE: Best Practices for Securing SAP Servers in a Cloud Environment

    Posted Feb 24, 2025 09:39:00 AM

    Also could you more elaborate under IAM space you should be looking at the SOD with least privileged access. you need to have a robust segregation of duties modules deployed through IAM product or any other modules within SAP ecosystem.  



    ------------------------------
    Naveen Aradhya
    IT Account Security

    ------------------------------

    Original Message