There was a time when security was a legitimate question for businesses that were thinking of moving their workloads to the cloud and adopting a cloud-based ERP solution such as SAP Business ByDesign. But times have changed.
Cloud ERP fundamentally is more secure than on-premise software because businesses don’t have to manage the security. Instead of relying on in-house security teams to build out security measures and ensure they stay updated and relevant to the cybersecurity threat landscape today, businesses can lean on cloud providers and the ERP application vendors that sit on top of them to ensure security is tight. Since weak security would undermine these providers fast, ensuring that their environments are secure is a key focus for them.
Still, what does “secure environment” actually mean when it comes to cloud ERP? Let’s look at how ERP market leader SAP ensures that business customers don’t have a cybersecurity issue with their cloud ERP backend.
Seven Ways SAP Protects its Cloud ERP Solutions
For businesses that use SAP Business ByDesign or the cloud version of SAP Business One, the cloud infrastructure is running on the major cloud providers that frankly power the internet today: Amazon Web Services (AWS) and Microsoft Azure Cloud. These cloud providers handle the physical security at their sites, and SAP is responsible for securing what happens inside the cloud from a software perspective. This covers most of the security around a company’s ERP installation, and all that’s left to a business to secure is proper configuration and access roles within the ERP software (if your business hands out admin credentials to passersby on the street, that’s on you).
SAP approaches its security role with seven key strategies that ensure business data stays safe.
1. Preventative Controls and Detection Monitoring
All cloud ERP accounts are hardened for security by default, with preventative controls and the latest security best practices built in. This includes active security monitoring and detection, which looks for things like zero-day security exploits and suspicious activity.
2. Secure Reference Architecture Blueprints
Standardization and templates are a key reason to use ERP at a business. Similarly, SAP takes this same approach with its cloud ERP security for customers. It maintains a security architecture blueprint with proven security configurations so all products and features developed by SAP for customers follow tight security best practices without gaps or oversights in security configuration.
3. An Extensive Approval Process for Security Concepts
For business-critical environments, SAP adds an extra layer of security oversight beyond its security blueprints to ensure that all systems are sufficiently protected and secure. Prior to a new deployment, SAP’s central security team reviews the plans of its development teams just to be sure everything is properly safe and secure.
4. Secure-by-Default Cloud Accounts
Businesses that run on SAP’s cloud ERP solutions start with accounts that are secure by default. But SAP goes further. It also works with public cloud providers to review their security stance and improve it, and continuously adjusts default settings within its cloud environment to maintain good cybersecurity settings in the face of the evolving cybersecurity threat landscape.
5. Centrally-Driven Security Measures
To ensure that all cloud ERP accounts are secure, SAP centralizes its security management and uses the same security measures across all business accounts. For instance, SAP enforces multi-factor authentication across all customer accounts so even if your business hands out admin credentials on the street it probably still will be okay (we don’t recommend this, however).
6. Cloud Provider-Specific Built-in Security Features
SAP also works with its cloud providers to add and improve cloud provider-specific security features to further enrich the security of all cloud ERP users. This includes things like services to protect against distributed denial-of-service attacks, and cloud provider-specific default disk encryption to protect against unauthorized access.
7. Strict Cloud-Account Lifecycle Management Processes
Despite all this, SAP also makes sure that it can reach the correct people at a business if there is a security concern. SAP practices stringent cloud-account lifecycle processes to help ensure that it has correct contact and contextual information in case it needs to reach out to a customer.
Fortune 500 Security for Small to Medium-sized Businesses
All of these policies and practices add up to large, multinational-level cybersecurity that becomes available to any small or medium-sized enterprise that uses an SAP cloud ERP solution to run its backend. While businesses undoubtedly could develop many of these systems themselves, this adds cost and requires constant security maintenance and improvement.
At least for most businesses, this time and money is better spent on other things than reinventing the wheel, such as business-specific security protocols and hardening.
For more on cloud ERP, download our free guide Understanding Cloud ERP for Non-IT Executives or contact one of our experienced consultants at (801) 642-0123.