Importance of the Three Layers: Part Two – Why Should I Consider Security in the HANA Database
In the first part of my blog series, I focused on SAP S/4HANA security in the S/4 application. As you recall, there are three levels of security to focus on, application, database and user interface. Now that we’ve discussed that, I want to move on to security for the HANA database, how you can set it up and why it is important.
SAP HANA Database Security Features
SAP HANA provides several security functions such as authentication, authorization, encryption, and audit logging that enable the implementation of security policies based on the scenarios in which SAP HANA can be used. SAP HANA can be used in providing application services using SAP HANA Extended Services (XS), for reporting and analytics in data marts, and as a database in SAP Business Warehouse (SAP BW) and SAP Business Suite applications.
The key is to remember that SAP HANA can be used in different scenarios and each scenario requires a different security approach. The database provides several security functions with the flexibility of implementing different security policies. Security implementation depends heavily on the architecture of SAP HANA and the systems surrounding the database.
When you think of SAP HANA security and controls, it is important to first understand the various scenarios in which security can be applied. Let’s take a look at some of them. The first scenario is SAP HANA as an Application Server is one of the scenarios where SAP HANA XS incorporates an application server embedded within SAP HANA, exposing applications developed in this server to end users. The various security functions for SAP HANA directly apply to these applications and appropriate controls have to be tested accordingly.
SAP S/4HANA leverages SAP’s advanced in-memory platform, SAP HANA, and offers optimized business processes and end-user experience with SAP Fiori. In addition to the various functionalities that SAP HANA provides, there are over 3,000 CDS views currently available within the application that SAP HANA supports as an infrastructure used by database developers to create the underlying data model which the application services expose to SAP Fiori UI. All the web applications built on SAP HANA are built in the HANA XS server, which requires suitable security functions to be applied.
Ready to Add Security
NTT DATA Business Solutions has built a unique solution around SAP HANA Security called SecureHANA.it. It is a package that delivers preconfigured SAP HANA Security, including SOX ready, Segregation of Duties compliant, design time HANA Roles, Risk and Control Matrix for SAP HANA and several spreadsheet templates for Security Assessment, Role Build and SOD violation within the HANA Database.
To learn more about NTT DATA Business Solutions’ extensive offering of security and compliance solutions, visit our website.