Skip to Content
Nous contacter

Manage secure data access and keep your SAP HANA systems protected

Protecting corporate information is one of the most important topics for you as an SAP HANA customer. You need to meet the ever increasing cyber-security challenges, keep your systems secure, and stay on top of the compliance and regulatory requirements of today's digital world. SAP HANA allows you to securely run and operate SAP HANA in a variety of environments and to implement your specific compliance, security, and regulatory requirements.

Get started now

Previous Next

SAP HANA security overview

Learn about different SAP HANA scenarios as well as security functions – including access control, data encryption, and data center integration. And gain an understanding of security
in the software lifecycle, from secure development to security patches.  

Insight into security features

Get the details on SAP HANA security, including network and communications security, user management, authentication and single sign-on, authorization, data storage security, and more. And get access to a wealth of security reference information.  

How to keep your data secure

Businesses are increasingly dependent not only on the reliability of the information they store but also on the security of their IT systems. But how do you ensure database security when there is no “one size fits all” answer?

Manage Secure Information Access

Manage and control compliant access to your critical data

As an SAP customer, you understand that protecting your company's critical data from unauthorized access and ensuring compliance are top priorities. Learn about the different features and functions of SAP HANA that allow you to manage and control who can access your data.
Previous Next

Role and privilege management

SAP HANA’s comprehensive authorization framework provides highly granular access control. Roles are used to bundle and structure privileges into sets of privileges for dedicated user groups. Privileges are based on standard SQL object privileges and SAP HANA-specific extensions for business applications.

User and identity management

SAP HANA provides tools for user administration and role assignment, as well as adapters for SAP Identity Management and SAP Access Control, which allow integration into existing user provisioning infrastructures. To connect custom user provisioning solutions, an SQL interface is available.
Previous Next

Authentication and single sign-on

Access to SAP HANA data, functions and applications requires authentication. SAP HANA offers several authentication options, which can be configured per user. For password login, a password policy governs change frequency, password complexity and other password related security settings. Several standard based single sign-on (SSO) options are available: Kerberos/SPNEGO, SAML, SAP logon and assertion tickets,  X.509 certificate.

Audit logging

SAP HANA offers highly configurable, policy based audit logging for critical system events, for example, changes to roles or the database configuration. It can also record access to sensitive data: write and read access to objects such as tables or views, as well as the execution of procedures. For situations where a highly privileged user needs temporary access to a critical system, firefighter logging can be enabled. Integration into existing logging infrastructures is possible using Linux syslog.

Manage Secure System Setup

Secure system set-up, administration and operation

SAP HANA is designed to run in different scenarios, environments, and infrastructures in a secure fashion. Incorrectly configured security settings are one of the most common causes of security problems. That’s why SAP offers support tools, settings, and information to help you to run SAP HANA securely in your environment.
Previous Next

Secure communication

SAP HANA supports TLS/SSL connection encryption for network communication channels. Encryption of client-server communication (external channels) can be enforced. For internal channels, a public-key infrastructure (PKI) is automatically set up during installation. Network communication channels (purpose, ports) are documented in detail, including recommendations on the use of firewalls and network zones.

Encryption

Data-at-rest encryption and application data encryption (including encryption APIs) are part of SAP HANA’s core feature set. Backup encryption is provided by a wide variety of 3rd-party backup tool vendors who are certified for SAP HANA’s Backint interface. SAP HANA supports SAP’s standard FIPS-certified cryptographic library.
Previous Next

Secure Administration and Configuration

For monitoring security-related settings, administrators can use SAP HANA tools (for example, the security dashboard in the SAP HANA cockpit), as well as other SAP tools such as SAP Solution Manager. SAP HANA comes with a checklist of critical security settings in the SAP HANA Security Guide.

Security Infrastructure Integration

SAP HANA supports industry standards (e.g. SAML) and documented interfaces to enable integration with the customers’ security network and datacenter infrastructures such as for single-sign-on, identity management, audit logging, compliance tools and, threat detection and anti-virus checking.

Manage software security and patching

Prevent – Detect – React

Fundamentally, the security of your environment depends on two things: security in how the underlying products are developed, and all systems being kept up to date with the latest security patches and updates.

As the global leader in business software, SAP takes the security of its customer data seriously. At the core of our development processes is a comprehensive security strategy based on three pillars: Prevent – Detect – React.

SAP stands for secure and reliable software solutions.

Previous Next

Security patches and updates

It is important that customers are always aware of the newest security fixes provided for SAP HANA. Security fixes are delivered as SAP HANA revisions and can be applied using SAP HANA’s lifecycle management tools. Security fixes are announced on the monthly SAP security patch day according to the general SAP security patch strategy in SAP security notes.

Security services by SAP

SAP offers a wide range of security tools and services to ensure the smooth operation of your SAP solution by taking action proactively, before security issues occur.

How SAP develops secure software

An important component of SAP's product security strategy is the secure software development lifecycle (secure SDL), which provides a comprehensive framework of processes, guidelines, tools and staff training, and ensures that security is an integral component of the architecture, design, and implementation of SAP solutions.

The secure SDL is a risk-based approach, which uses threat-modeling and security risk assessment methods to determine the security controls enforced during software provisioning and operations, including comprehensive security testing with automated and manual tests.

Back to top