The global and independent platform for the SAP community.

DevSecOps for SAP? Of course!

A time of data-driven transformation and modernization has dawned - also for SAP users. This is by no means just about SAP systems; non-SAP environments must also be part of an overall strategy.
Peter Körner, Red Hat
26 October 2021
avatar
This text has been automatically translated from German to English.

CIOs occasionally have concerns that they will not be able to maintain the silo security of an SAP environment and thousands of Abap in-house developments if they integrate modern, cloud-based non-SAP systems and services into the process landscape. These reservations are not unfounded when manually configuring and maintaining hundreds of additional cloud modules and services.

By using a coordinated, pre-integrated container platform for all target architectures from on-premises to edge to cloud, many of the requirements for governance, compliance, code security and control can be implemented from the outset for all tiers used. The required functionalities for end-to-end process security are available by default.

If a company wants to drive innovation topics, there is no way around the use of new platforms, frameworks, applications and technologies: Integrated hybrid multi-cloud platforms, cloud-native applications, containers, microservices and APIs are unquestionably the decisive components here. Hybrid cloud platforms and cloud-native application development will therefore also have a lasting impact on the future of SAP.

This also means that SAP environments must no longer be viewed as isolated systems, but rather with SAP's side-by-side extensibility concept in mind. This involves linking SAP data, processes and user interfaces with state-of-the-art programming environments, continuous integration and delivery systems, and DevOps methods. In contrast to classic Abap-based in-house developments, the so-called side-by-side extensions for S/4 systems allow the simple implementation of agile end-to-end processes and thus also integrate the SAP landscape with non-SAP systems. 

But what do these developments mean for security? SAP infrastructures must be consistently integrated into a security strategy if silo boundaries are to be bridged. Established security concepts and SAP role and rights management must not be watered down or softened in the case of non-SAP integration - a "technical user" is not a permanent solution.

Especially in cloud-native application development, security takes a high priority, which also applies to the development of modern
side-by-side-based SAP extensions is used and can justify an Abap replacement from a security perspective alone. With regard to containerization, for example, it is ensured that no unauthorized access is possible between the resources used in the host system. Container images should also only be provided from trustworthy sources, for example only after verification by internal IT from predefined catalogs.

Above all, however, a solid Linux is also particularly important. There are several security levels to protect containers on Linux, such as SELinux (Security-Enhanced Linux). SELinux is enabled by default on the Red Hat Enterprise Linux 8 Linux operating system and often runs in high-security environments, including with Hana.

All in all, modern security management by no means has to end with the SAP platform. Security can be consistently implemented in the end-to-end processes integrated with SAP and non-SAP systems. A central basis for this are modern enterprise Kubernetes platforms such as Red Hat OpenShift. It contains all the necessary functionalities and services to operate a container management platform for diverse, business-critical applications on a wide variety of infrastructures in a certified manner. This includes, for example, SLAs, multiple security layers, automation or cluster management. And the security features are comprehensive: from vulnerability management and network segmentation to continuous compliance or risk prioritization.

avatar
Peter Körner, Red Hat

Peter Körner is Principal Business Development Manager Red Hat SAP Solutions at Red Hat


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 20, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.