{"id":28668,"date":"2017-09-21T00:09:47","date_gmt":"2017-09-20T22:09:47","guid":{"rendered":"http:\/\/e3mag.com\/?p=28668"},"modified":"2022-05-01T09:04:54","modified_gmt":"2022-05-01T07:04:54","slug":"data-security-the-crown-jewels-protect","status":"publish","type":"post","link":"https:\/\/e3mag.com\/en\/datensicherheit-die-kronjuwelen-schuetzen\/","title":{"rendered":"Protect the crown jewels"},"content":{"rendered":"<h3>SAP customers worldwide are currently undergoing a digital transformation process. What changes do you see for data security with the switch to SAP S\/4 Hana?<\/h3>\n<p><strong>Holger H\u00fcgel:<\/strong> In addition to retrieval via the NetWeaver stack, Hana also offers the option of accessing data directly or via Hana XSA. This means that the database inevitably has its own authorization concept, which must be integrated into the existing concept.<\/p>\n<p>In addition, Hana as a platform offers numerous new application interfaces, all of which inherently carry security risks. The risk of data leaving the SAP system in an uncontrolled manner increases.<\/p><div id=\"great-2018055479\" class=\"great-fullsize-content-en great-entity-placement\" style=\"margin-bottom: 20px;\"><a data-no-instant=\"1\" href=\"https:\/\/www.youtube.com\/watch?v=6ZGXMPyM-nU\" rel=\"noopener\" class=\"a2t-link\" target=\"_blank\" aria-label=\"banner_26-04_29_1200x150\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1.jpg\" alt=\"\"  srcset=\"https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1.jpg 1200w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-400x50.jpg 400w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-768x96.jpg 768w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-100x13.jpg 100w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-480x60.jpg 480w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-640x80.jpg 640w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-720x90.jpg 720w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-960x120.jpg 960w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-1168x146.jpg 1168w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-18x2.jpg 18w, https:\/\/e3mag.com\/wp-content\/uploads\/2026\/03\/banner_26-04_29_1200x150-1-600x75.jpg 600w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" width=\"1200\" height=\"150\"  style=\" max-width: 100%; height: auto;\" \/><\/a><\/div>\n<p>Background data transfer between SAP and third-party applications, which is largely \"opaque\" to security managers, is also on the rise, increasing the attack surface for hacking attacks and insider attacks.<\/p>\n<p>To be able to reliably secure SAP data in the future, companies must act with foresight and implement technical solutions that minimize these risks.<\/p>\n<h3>What do you think an authorization concept that integrates the new and old worlds might look like?<\/h3>\n<p><strong>Hill:<\/strong> Future authorization concepts will initially be based on the processes and the data processed in them. In a sense, they follow the data along the processing chain over its entire life cycle.<\/p>\n<p>The need to protect the data is derived from this, which ultimately corresponds to a data classification and results in a data-centric authorization system. This approach expands the previous role-based concept, but does not replace it. This is because the protection class clearly describes which role is allowed to process individual data and how.<\/p>\n<p><a href=\"https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel.jpg\"><img loading=\"lazy\" decoding=\"async\" title=\"Protect the crown jewels\" class=\"aligncenter size-full wp-image-28669\" src=\"https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel.jpg\" alt=\"Sacrifice And Hill, Data Security\" width=\"1000\" height=\"420\" srcset=\"https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel.jpg 1000w, https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel-768x323.jpg 768w, https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel-100x42.jpg 100w, https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel-480x202.jpg 480w, https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel-640x269.jpg 640w, https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel-720x302.jpg 720w, https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/Opfer-und-Huegel-960x403.jpg 960w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/a><\/p>\n<h3>What practical experience have you had in this regard? Are there already companies that classify their data consistently and seamlessly?<\/h3>\n<p><strong>Andreas Opfer:<\/strong> Although representatives from the automotive industry in particular are already championing the issue of data classification, to my knowledge there are as yet no industry or sector standards that define exactly what is behind the status \"confidential\", for example, and what impact this has on data processing.<\/p>\n<p>In order to be able to secure the process chains with their partners and suppliers in our increasingly networked world, there is still an urgent need for companies to catch up here.<\/p>\n<h3>How can we imagine the organizational and technical implementation of the new security approaches in practice?<\/h3>\n<p><strong>Hill:<\/strong> To keep pace with the fast pace and interchangeability of today's IT technologies, companies' core processes will increasingly be handled via platform architectures in the future.<\/p>\n<p>In a digital world, IT security is undoubtedly one of these core processes and requires its own platform. Today, you can often find central identity management systems that take on this role.<\/p>\n<p>However, these are only viable for the future if they allow a data-centric security concept. In any case, one should rely on established standard platforms that are supported by all common applications as a \"security instance\".<\/p>\n<p><strong>Victim:<\/strong> And this is exactly where Secude helps with the SAP data security solution Halocore. It is the only solution that enables Microsoft AIP\/RMS security standards to be applied to the SAP landscape, and is of course also certified for S\/4 Hana.<\/p>\n<p>Because SAP is now the central data hub in most companies, data is exchanged with numerous satellite systems via various interfaces, whether manual or automated.<\/p>\n<p>The automated data classification built into Halocore enables the application of the appropriate RMS profile, provided that the data is allowed to leave SAP. Without the appropriate authorization, the export of the data is prevented.<\/p>\n<h3>How can companies integrate these steps into their current migration projects?<\/h3>\n<p><strong>Victim:<\/strong> We can very well understand that such large migration projects as S\/4 Hana tie up a large part of the resources. Many customers therefore try to keep any further increase in complexity out of the project. However, data security is no longer an option today, but a must.<\/p>\n<p>The DSGVO imposes obligations and attacks on corporate IP are on the rise. The architectural changes that accompany S\/4 Hana also offer an opportunity to put all IT architectures to the test in small completed sub-projects and adapt them as necessary in the course of the migration.<\/p>\n<p>The effort for this is lowest as part of the S\/4 Hana migration. Later, it becomes more and more expensive. In addition, numerous migration tools, e.g. for data and Abap custom code, help to reduce complexity and manage risks.<\/p>\n<p>Halocore, for example, can be implemented in a matter of days and protects SAP customers' \"crown jewels\" from day one - both before and after the S\/4 Hana migration.<\/p>","protected":false},"excerpt":{"rendered":"<p>Although the number of security incidents at large and medium-sized companies is steadily increasing, many are subordinating the topic of data security to transformation projects. Andreas Opfer and Holger H\u00fcgel from Secude explain what modern security concepts should look like and how SAP managers can integrate them sensibly into current S\/4 Hana migration projects.<\/p>","protected":false},"author":38,"featured_media":28671,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pmpro_default_level":"","footnotes":""},"categories":[17712,17703],"tags":[11367,606,130,11281,17715,1790,6174,722,19701,236,14540],"coauthors":[19920],"class_list":["post-28668","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-coverstory-1710","category-mag-1710","tag-berechtigungskonzept","tag-daten","tag-datenbank","tag-dsgvo","tag-halocore","tag-it-security","tag-it-sicherheit","tag-netweaver","tag-s-4-hana","tag-sap","tag-sicherheitsrisiken","pmpro-has-access"],"acf":[],"featured_image_urls_v2":{"full":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"thumbnail":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-150x150.jpg",150,150,true],"medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",400,175,false],"medium_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-768x336.jpg",768,336,true],"large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"image-100":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-100x44.jpg",100,44,true],"image-480":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-480x210.jpg",480,210,true],"image-640":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-640x280.jpg",640,280,true],"image-720":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-720x315.jpg",720,315,true],"image-960":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-960x420.jpg",960,420,true],"image-1168":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"image-1440":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"image-1920":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"1536x1536":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"2048x2048":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"trp-custom-language-flag":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",18,8,false],"bricks_large_16x9":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"bricks_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"bricks_large_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",1000,437,false],"bricks_medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",600,262,false],"bricks_medium_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk.jpg",600,262,false],"profile_24":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-24x24.jpg",24,24,true],"profile_48":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-48x48.jpg",48,48,true],"profile_96":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-96x96.jpg",96,96,true],"profile_150":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-150x150.jpg",150,150,true],"profile_300":["https:\/\/e3mag.com\/wp-content\/uploads\/2017\/09\/shutterstock_585565277-cmyk-300x300.jpg",300,300,true]},"post_excerpt_stackable_v2":"<p>Obwohl die Anzahl der Sicherheitsvorf\u00e4lle bei gro\u00dfen und mittelst\u00e4ndischen Unternehmen stetig zunimmt, ordnen viele das Thema Datensicherheit den Transformationsprojekten unter. Andreas Opfer und Holger H\u00fcgel von Secude erkl\u00e4ren, wie moderne Sicherheitskonzepte aussehen sollten und wie SAP-Verantwortliche diese sinnvoll in aktuelle S\/4-Hana-Migrationsprojekte integrieren k\u00f6nnen.<\/p>\n","category_list_v2":"<a href=\"https:\/\/e3mag.com\/en\/category\/coverstorys\/coverstory-1710\/\" rel=\"category tag\">Coverstory 17-10<\/a>, <a href=\"https:\/\/e3mag.com\/en\/category\/mag-1710\/\" rel=\"category tag\">MAG 17-10<\/a>","author_info_v2":{"name":"E-3 Magazine","url":"https:\/\/e3mag.com\/en\/author\/e-3-magazin\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/28668","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/users\/38"}],"replies":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/comments?post=28668"}],"version-history":[{"count":0,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/28668\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media\/28671"}],"wp:attachment":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media?parent=28668"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/categories?post=28668"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/tags?post=28668"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/coauthors?post=28668"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}