The global and independent platform for the SAP community.
Community News, MAG 17-03, Scene

HCP globally unsettled

How confident can SAP's existing customer be that IoT data is safely stored on the Hana Cloud Platform and will stay where it belongs? By its very nature, SAP does not have a global, failsafe data network with hundreds of connected data centers. Who is the infrastructure-as-a-service provider?
Peter M. Färbinger, E3 Magazine
March 1, 2017
Content:
HCP
avatar
This text has been automatically translated from German to English.

There are two types of providers in the cloud business: the providers of ideas, concepts and visions, such as SAP; and the lesser-known, technical service providers responsible for the pipes and data centers.

Some work in the bright light on the show stage, others backstage - less glamorous, but very efficient. They need each other and usually harmonize very well.

German Telekom may be a hermaphrodite in this divided provider world of cloud computing. It owns the lines and global data centers, but also steps into the limelight itself.

At the same time, it is an important infrastructure service partner for Microsoft, so that customers can be sure that the data really stays in Germany or Europe.

Two years ago, SAP's Chief Technology Officer Bernd Leukert promised something similar in his opening speech at the DSAG annual congress: EU Access from SAP.

Not only from an emotional, but also from a legal point of view, it is very important for many European SAP legacy customers to have the assurance that their own data will remain in the country.

IT experts agree that this undertaking is relatively easy and safe to implement for simple cloud services that have the character of outsourcing.

But what happens in IoT scenarios when a global supply chain consists of billions of "networked things" and SAP's Hana Cloud Platform is used as the logical construct - Platform as a Service (PaaS)?

Gartner forecast: 8.4 billion "connected things" will be used in 2017 - a 31 percent increase over 2016.

Cloudflare as a solution

Big Data on the HCP is reality and also wanted by SAP.

SAP has chosen global company Cloudflare as the infrastructure-as-a-service provider for the HCP.

Cloudflare operates more than 100 data centers worldwide (see cover image) and offers numerous services: starting from the free Content Delivery Network for the http protocol to minimize website loading time to fail-safe IT infrastructures for business-critical applications.

Knowing its responsibility to its own existing customers, SAP must of course establish a robust global IT network for the Hana Cloud Platform.

But how does a global claim, as represented by SAP partner Cloudflare, reconcile with the local security needs of SAP's existing customers?

The Diplomatic Council, a global think tank that advises the United Nations, along with the National Information and Internet Security Initiative (NIFIS), has released a recent report on so-called "cloud sync & share services," Internet services that synchronize data across different devices.

Safety concerns

The Diplomatic Council found "serious differences in terms of data security and data protection" even though the scope of the services was almost the same.

The global think tank describes it as "remarkable" that "the two German-based services Telekom MagentaCloud and Strato HiDrive fail in practically all security-relevant fields".

The report literally states:

"Without end-to-end encryption, a zero-knowledge approach, hybrid data storage, audit trail space and 2-factor authentication, neither service can be certified as confidential and secure"

An audit trail space makes it possible to check at any time who had access to the data and when, and above all by whom the data was changed, moved or deleted, usually over a period of years.

However, what applies to simple business data is also the minimum requirement for IoT data and platforms such as SAP's HCP, where such data is collected, transported and processed worldwide.

If the functions demanded by the Diplomatic Council are missing and one is in a globally redundant data network such as that of SAP partner Cloudflare, then the concern of many existing SAP customers seems justified.

SAP's response to existing customers' concerns:

"EU Access from SAP.

The Walldorf-based company offers its customers the option of storing and processing personal data exclusively in the European Union (in the European Economic Area) and in Switzerland.

SAP's EU Access Service is available for on-premise systems and a growing number of cloud solutions (source: SAP Integrated Report 2015, Sustainability Components: Security and Data Protection).

However, this service offered by SAP Chief Technology Officer Bernd Leukert in 2015 at the DSAG Annual Congress will not be enough.

LeukertHCP

Thomas Lapp, Chairman of the Global Information Security Forum at the Diplomatic Council and Chairman of the National Information and Internet Security Initiative, states:

"It is to be hoped that the operators of all services will recognize the security deficiencies of their services as soon as possible and rectify them as quickly as possible. A high level of security is in everyone's interest."

There is a need for action in HCP and Cloudflare: Meanwhile, 75 percent of companies obtain services from their own cloud and as many as 79.6 percent obtain services from a provider cloud, as surveyed by Capgemini in the DACH region (IT-Trends 2017: www.de.capgemini.com/it-trends).

However, the high user rate should not hide the fact that the latter still only account for a small share of the overall performance.

This year, they are providing 10.2 percent of all IT services (previous year: 6.5 percent), while company-owned clouds have a share of 36.6 percent (previous year: 27.1 percent). Large corporations and SMEs in particular have greatly expanded their use of the cloud.

IT security and cloud computing are the most important topics for the digital economy in 2017, followed by the Internet of Things and Industry 4.0.

HiTech

This is the result of the annual trend survey conducted by the digital association Bitkom. According to the survey, two out of three companies (67 percent) named IT security as one of the key technology and market trends of the year.

"IT security is becoming even more important because more and more critical systems such as vehicles, medical technology or machines are being digitally networked in the course of digitalization"

said Bitkom Chief Executive Bernhard Rohleder.

"At the same time, attacks by criminal hackers are becoming increasingly sophisticated. Companies often can no longer get by with normal security tools such as virus scanners or firewalls."

Cloud computing was named as an important topic by 60 percent of the companies surveyed.

"Cloud computing is the basis of digitization because it enables both more efficient business processes and the development of entirely new, digital business models"

agte Rohleder.

This year, the Internet of Things, i.e., the networking of devices and machines, made the leap into the top 3 with 55 percent (previous year: 5th place).

While televisions, audio equipment and cameras are increasingly being networked in the consumer sector, for example, machines, measuring devices and smart building technology are also being networked in the business sector.

The topic of "digital platforms" was included for the first time in Bitkom's selection of relevant high-tech topics and, with 32 percent of mentions, landed in sixth place right away behind Big Data (41 percent).

Thus, SAP has taken the right path with HCP and Cloudflare as IaaS. For many existing SAP customers, however, the question of security and transparency seems unanswered.

An E-3 survey of the SAP community found that Cloudflare as the basis for HCP is still a well-kept secret.

The question thus remains open: Where is the IoT HCP data stored? SAP does not want to answer this question for the time being.

avatar
Peter M. Färbinger, E3 Magazine

Peter M. Färbinger, Publisher and Editor-in-Chief E3 Magazine DE, US and ES (e3mag.com), B4Bmedia.net AG, Freilassing (DE), E-Mail: pmf@b4bmedia.net and Tel. +49(0)8654/77130-21


All articles of the author

Write a comment

Security: How to protect SAP systems effectively

Precisely supports Amazon RDS for Db2 Service

Flexera completes acquisition of Snow Software

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024

Venue

Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT

Venue

Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024

Tickets

Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.