The Onapsis Security Blog

The world of business-critical application security and compliance is dynamic, with new developments happening on a continuous basis. Read our blog posts for recommendations, insights and observations on the latest news for safeguarding your SAP® and Oracle® applications.

Blog Banner

Paving Your Way Through SAP Digital Transformation Part 2

In our last blog we discussed S/4HANA as the path forward for organizations initiating digital transformation for their SAP systems. Below we discuss three things to consider during migration.

SAP S/4HANA Migration Insights
If you have not yet started your journey to migrate to S/4HANA you are not alone. The SAP corporate fact sheet published in January indicates they have over 400k customers. It would be hard to imagine that all these customers have already migrated to S/4HANA, IMHO. Based on my research a large percentage of organizations are still undecided, or have yet to start. We predict after Sapphire 2019 there will be 100x more project initiatives for S/4 migrations. SAP is doing all it can to make their legacy customers adapt to S/4HANA before 2025 and to SAP’s credit, they’ve given everyone a ten-year heads up.

 

Onapsis Sapphire

#1 There are a number of S/4HANA implementation paths to choose.

New Implementation
If you are new to SAP ERP, or want to re-implement your SAP core solution to start clean, adopt this approach.

System Conversion
If you are an existing SAP customer that wants to upgrade to the latest SAP S/4HANA solution, use this approach. This project requires complete migration of legacy environments.

Landscape Transformation
If you are a large enterprise with many instances of SAP and non-SAP ERP systems who wants to consolidate to a single global SAP S/4HANA, use this approach. Landscape helps ensure the IT strategy is aligned with business goals and cost savings.

Hybrid Implementation
If you want to approach the move gradually, engage in this approach. Various SAP systems exist to migrate to a new S/4HANA system in a phased approach. You would continue to maintain existing legacy ERP systems, but put your foot in the door with S/4.

#2 S/4HANA deployment options depend on your business type and enterprise goals.
On-premise deployment gives you full control of the hardware and software of your application and maintenance schedules to maintain business as usual. The latest SAP S/4HANA on-premises release is SAP S/4HANA 1809: September 2018 and the latest version of the HANA database is SAP HANA 2.0 SPS 03.

Cloud options include HANA Enterprise Cloud, Amazon Web Services, Microsoft Azure, or Google Cloud Platform.

Cloud (Private)
In this deployment type, cloud providers provide infrastructure as a service (IaaS), but you are still responsible for managing the application and applying security patches.

Cloud (Public)
This is a Software as a Service (SaaS) option where SAP fully hosts and manages your environment.

Hybrid Deployment
This deployment option is a combination of on-prem and cloud instances. A lot of organizations adopt this deployment option because it gives them flexibility to customize and accelerate business innovation.

The latest version of SAP S/4HANA cloud releases is SAP S/4HANA Cloud 1902: February 2019 and the latest version of the HANA database is SAP HANA 2.0 SPS 03.

#3 SAP Activate provides two methodologies or frameworks to choose from for deployment.

  1. You can use an agile approach to reduce the time and effort
  2. You can use a traditional waterfall delivery approach, however this may include increased effort and time

Both agile and waterfall approaches have pro’s and con’s. Here’s an SAP blog that talks more in detail on this.

In our next blog we discuss how security and compliance fits into the S/4HANA journey and how it will help you ensure a successful move. We will also highlight the importance and benefits of embedding security, or security by design, based on the path you choose above.

 

Request a
Business Risk Illustration

Examine the security posture and risk exposure of your business-critical applications to determine the potential impact of a cyberattack on your organization.

Engage