Every enterprise uses cloud computing services to some degree – tools such as Gmail, Twitter, and Dropbox are ubiquitous; as are business applications like Salesforce, ServiceNow, and Quickbooks. Cost savings, operational stability, and reduced management effort are all proven advantages. But when we consider moving back-office infrastructure – systems at the heart of business – there is significant angst and uncertainty among IT and security professionals.

For big and complex applications like SAP, they wonder if cloud services are a viable option. The problem is that security is not optional, but actually critical. For folks operating in a traditional on-premise environment, it is often unclear how to adapt the security model to an unfamiliar environment where they only have partial control.

This whitepaper explores major security issues for SAP cloud deployments such as  how cloud services are different, and then map existing security controls to fit within cloud deployments. This whitepaper will cover:

  • The need for a cloud Security Strategy
  • Service Contracts
    • Division of responsibility
    • Contract considerations
  • Cloud Security Architecture
    • Network Application Segmentation
    • Immutable Servers
    • Blast Radius
    • Network Visibility
  • Cloud Management Operations
    • Patching and Change Management
    • Incident Response
  • Security Services Integration
  • Application Security