{"id":10831,"date":"2018-07-24T10:25:28","date_gmt":"2018-07-24T17:25:28","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=10831"},"modified":"2023-06-15T14:56:25","modified_gmt":"2023-06-15T21:56:25","slug":"protecting-sap-s-4hana-data-on-azure-at-microsoft","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/","title":{"rendered":"Protecting SAP S\/4HANA data on Azure at Microsoft"},"content":{"rendered":"<div class=\"m-alert f-error\" role=\"alert\">\n<div>\n<div class=\"c-glyph glyph-incident-triangle\" aria-label=\"Error message\"><\/div>\n<p class=\"c-paragraph\">This content has been archived, and while it was correct at time of publication, it may no longer be accurate or reflect the current situation at Microsoft.<\/p>\n<\/div>\n<\/div>\n<p>Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.<\/p>\n<p>At Microsoft, we recently migrated the enterprise\u2019s SAP environment to Microsoft Azure, as part of our planned transition from SAP ECC 6.0 to the new SAP S\/4HANA platform. We\u2019re already gaining the numerous business and operational benefits that Azure cloud infrastructure affords\u2014and seeing cost savings, too. Moving SAP, our longstanding enterprise resource planning (ERP) solution, onto Azure also marked the beginning of another new chapter: an expanded partnership with SAP. This collaboration enables customers to accelerate their business transformation with S\/4HANA on Azure by leveraging SAP\u2019s managed services and our robust Azure cloud infrastructure.<\/p>\n<p>The future solution for SAP on Azure represents an exciting milestone for Microsoft and SAP. It also presents security challenges and opportunities because of the complexity of managing critical enterprise solutions. We\u2019re taking this opportunity to design new capabilities and controls to protect our systems and data. We\u2019re also enhancing existing compliance processes and creating new ones to meet our ever-changing obligations. This multifaceted initiative provides an ideal platform for us to use while showcasing the modern engineering approach that we\u2019re developing at Microsoft.<\/p>\n<p>Our goal is to create an optimal integrated cloud security and compliance strategy for hosting the more complex, configurable, and user-accessible SAP S\/4HANA solution. Our strategy focuses on protecting Microsoft assets and data in a high-profile environment, while streamlining compliance with existing regulations such as Sarbanes-Oxley (SOX) and new ones such as the General Data Protection Regulation (GDPR).<\/p>\n<p>Our S\/4HANA security-redesign initiative is underway and incorporates the robust Microsoft enterprise-security framework and principles that we have developed over time. It also leverages the Azure-specific security framework that has positioned Azure as a cloud services leader, and it will incorporate the security tools and technology that SAP and its partners have developed. Furthermore, we will integrate industry best practices in every facet of the security infrastructure that we build for S\/4HANA on Azure. This allows us to be agile, efficient, and provide scalability in our SAP environment.<\/p>\n<h2>Current SAP security structure at Microsoft<\/h2>\n<p>The current Microsoft SAP security design, developed over the past two decades, has been expanded and improved to meet our needs as our SAP-data footprint has grown. Like many large enterprise organizations, we use the SAP solution to run most of our business operations. Today, our SAP environment includes approximately 600 application servers and is our largest internal application running on Azure, supporting approximately 10,000 business users. Managing security and privacy has become increasingly more challenging, because of the sheer size of our SAP environment and the ever-evolving risk environment.<\/p>\n<p>For Microsoft and other enterprises that are moving operations to cloud services and continually implementing technologies that expand user capabilities, security (cybersecurity in particular) is a chief concern. Mitigating those concerns is the driving factor behind the multifaceted approach that we\u2019re taking in designing our future SAP security infrastructure and privacy capabilities.<\/p>\n<h2>S\/4HANA framework future state: security and compliance by design<\/h2>\n<p>The transition to SAP S\/4HANA gives Microsoft an ideal opportunity to modernize and streamline our overall security and governance, risk management, privacy, and compliance capabilities so that we can address current and future needs, and challenges as they arise. Our approach is to build and enhance security and compliance, by design, into the entire SAP S\/4HANA solution. At every step in the process, our Business, Compliance, Audit, Engineering\/IT operations, and design teams have been working together with our product groups to ensure that the standards and processes we develop are seamlessly and effectively integrated into the final framework. This differs from the traditional approach that many enterprises use, which entails first developing products and then adding security layers or controls to the finished product.<\/p>\n<p>In addition to incorporating Azure\u2019s inherent security structure\u2014Azure is already an industry leader in this realm and has more certifications than any other cloud provider\u2014our future framework will feature a highly integrated compliance solution. We also plan to better use our technology capabilities and include automation wherever feasible. We will automate the following areas (and others as we identify them):<\/p>\n<ul class=\"c-list\">\n<li>Access request and provisioning<\/li>\n<li>Patch management and deployment<\/li>\n<li>Incident reporting and response<\/li>\n<li>High-risk data-access control and alerting<\/li>\n<\/ul>\n<p>Because S\/4HANA introduces new functionality, we are also using this opportunity to redesign SAP application security and interface authorizations and ensure that we deploy single sign-on (SSO) utilizing Azure Active Directory (Azure AD) across all systems and applications. The modernized authorization framework better aligns with our overall organizational structure. Additionally, it simplifies the S\/4HANA user experience and provides us with more flexibility and scalability to adapt to changes and growth within Microsoft.<\/p>\n<p>Although we\u2019ll keep many of our traditional application-level security concepts in the future system, the new infrastructure must accommodate the additional complexities of S\/4HANA database access as SAP interface options and user capabilities expand. These interfaces include Fiori Gateway, mobile devices, and the S4 application layer. Changing business practices, such as direct user database access and new cybersecurity risk vectors, also pose challenges in database security for all enterprises. We\u2019ll accommodate this evolving environment with the design of our future-state SAP security and compliance framework.<\/p>\n<p>The key driver of our SAP-on-Azure security strategy is ensuring that we create a highly flexible, scalable, and automated environment built on top of the Azure platform. Other objectives include:<\/p>\n<ul class=\"c-list\">\n<li>Tightly integrating security and controls, including patch management, real-time threat detection, and granular user-access and authorization controls.<\/li>\n<li>Utilizing new tools and capabilities, such as Microsoft Power BI and Azure AI, to enhance our reporting, controls automation, and security monitoring.<\/li>\n<li>Re-envisioning and redesigning security roles to help ensure data security and corporate-asset protection while mitigating risks.<\/li>\n<li>Ensuring that the Microsoft compliance teams play an integral role in driving security, privacy, and compliance across the future S\/4HANA platform and in designing change-management functions.<\/li>\n<li>Reducing maintenance costs and ensuring greater consistency in our governance model through change-control automation.<\/li>\n<\/ul>\n<figure id=\"attachment_10834\" aria-describedby=\"caption-attachment-10834\" style=\"width: 626px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-10834 size-full\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_image001.jpg\" alt=\"A row of Incremental program enhancement boxes and a row of Security functional domain boxes display.\" width=\"626\" height=\"236\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_image001.jpg 626w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_image001-300x113.jpg 300w\" sizes=\"(max-width: 626px) 100vw, 626px\" \/><figcaption id=\"caption-attachment-10834\" class=\"wp-caption-text\">Figure 1: The Microsoft SAP security redesign will feature incremental program enhancements (top row) and will affect all security functional domains (bottom row) within the Microsoft SAP environment<\/figcaption><\/figure>\n<h2>Security and compliance drive design at each level<\/h2>\n<p>Our new S4\/HANA security and compliance framework will apply the stringent enterprise security and compliance principles that underpin all Microsoft operations and activities. At every level, we\u2019ll build advanced security controls and capabilities into the solution that we design and the proactive protection and monitoring systems that SAP incorporates into S4\/HANA. These include the current Azure platform, the SUSE Linux operating system, the HANA database, the S4 application layer, the Fiori Gateway, and cybersecurity components.<\/p>\n<figure id=\"attachment_10835\" aria-describedby=\"caption-attachment-10835\" style=\"width: 626px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-10835 size-full\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_image002.jpg\" alt=\"Depiction of the current Microsoft SAP environment and then the future-state environment that Microsoft is developing to accommodate ever-changing security and compliance needs, and to help ensure risk mitigation\" width=\"626\" height=\"292\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_image002.jpg 626w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_image002-300x140.jpg 300w\" sizes=\"(max-width: 626px) 100vw, 626px\" \/><figcaption id=\"caption-attachment-10835\" class=\"wp-caption-text\">Figure 2: The current Microsoft SAP environment and the future-state environment we\u2019re developing to accommodate ever-changing security and compliance needs, and to help ensure risk mitigation<\/figcaption><\/figure>\n<h3>Azure<\/h3>\n<p>At the Azure level, the security framework will utilize our inherent industry-leading controls and capabilities, including Key Vault, Security Center, Azure AD, and Azure Advanced Threat Protection (Azure ATP). Azure also provides application and database security via web application firewalls (WAFs) and network security by using virtual networks. These capabilities help ensure data security and encryption at all points.<\/p>\n<p>Security monitoring and threat detection are critical to Microsoft\u2019s SAP security strategy. We will use Azure\u2019s inherent logging and monitoring capabilities to provide Microsoft security services\u2019 real-time visibility into the environment. We\u2019ll also deploy Azure AI and machine learning to provide threat detection and event analysis. Today, we spend about $1 billion annually on Azure cloud security, to ensure that the enterprise-grade security and privacy protections we develop extend to our customers, which include many of the world\u2019s largest financial institutions.<\/p>\n<h3>SAP<\/h3>\n<p>Building on Azure\u2019s scalable and secure enterprise architecture, we\u2019ll deploy the SUSE Linux operating system (OS). SUSE Linux\u2019s inherent features including native malware protection and other features are designed to help secure SAP HANA. We will also apply our own Microsoft standard OS-level controls, including patch-management and OS hardening.<\/p>\n<p>Additionally, we\u2019ll apply standard database controls to the HANA database, in line with other databases in the Microsoft environment. However, unlike traditional databases, HANA is an in-memory columnar database that moves the calculation logic from the application layer to the database layer. End users may need direct access to the database to view reporting data, which is a deviation from legacy reporting and analytical processes and tools.<\/p>\n<p>To facilitate end-user access to the database layer, HANA provides a role-based access architecture to deploy privileges to the user base. HANA creates or utilizes these privileges to restrict actions that specific users can perform in the HANA database and the data that they can view through reports.<\/p>\n<p>The Fiori Gateway user interface (UI) introduces additional capabilities enabling user access via web or mobile devices. The ability to access SAP via the Fiori UI requires that we redesign our Microsoft SAP user-authorization model and processes to accommodate the new S\/4HANA UI and help ensure that users are able to perform only the activities for which they are authorized.<\/p>\n<p>As part of the S\/4HANA deployment, we\u2019ll redesign our SAP security role strategy to achieve a simple, business-friendly role design that enhances security and compliance, lowers maintenance costs, and helps Microsoft scale and adapt security as our environment changes.<\/p>\n<h3>Cybersecurity<\/h3>\n<p>Cybersecurity is another key component that Microsoft will address in the S\/4HANA-on-Azure platform by using the key components of AI and automation. We have a comprehensive, end-to-end program strategy that incorporates sophisticated code-scanning capabilities, threat and vulnerability management, standards-based authorization design and development, and system hardening. This will help ensure that we meet all Microsoft network security standards.<\/p>\n<h2>Leveraging Microsoft best practices<\/h2>\n<p>Our future-state SAP security platform\u2019s design will adhere to the Microsoft industry-recognized security principles and best practices that we use throughout the enterprise to drive risk identification and mitigation. Using analytics and automation, we\u2019ll use these security principles in all operational and user-access domains and areas. Security principles range from information protection, platform health, and identity management, to data telemetry and monitoring. We\u2019ll perform continuous risk management by using Azure security and compliance solutions and SAP\u2019s governance, risk, and compliance (GRC) structures for application-access provisioning and control.<\/p>\n<p>Since we began designing our future-state SAP security and compliance framework in November 2017, we have discovered new ways to leverage our existing capabilities and technologies. We\u2019ve also identified novel approaches to improving collaboration among our own IT and product teams, and between Microsoft and SAP. Examples include:<\/p>\n<ul class=\"c-list\">\n<li>Integrating with Azure Active Directory to enable SSO.<\/li>\n<li>Leveraging the power of HANA and Power BI to provide rich data analytics and visualization.<\/li>\n<\/ul>\n<p>Working in partnership with SAP, we\u2019re designing a future-state SAP security and compliance structure for the SAP-on-Azure environment by using industry-leading technologies and practices, and security-by-design principles. When our comprehensive redesign is complete, we\u2019re confident that our framework of integrated systems, tight controls, and monitoring technologies will help address and mitigate current and emerging risks. As leaders in developing enterprise software, Microsoft and SAP are collaborating closely to provide the preferred foundation for enabling a safe and trusted path to digital transformation for other enterprises.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This content has been archived, and while it was correct at time of publication, it may no longer be accurate or reflect the current situation at Microsoft. Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing [&hellip;]<\/p>\n","protected":false},"author":146,"featured_media":10833,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"_hide_featured_on_single":false,"_show_featured_caption_on_single":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[1],"tags":[],"coauthors":[674],"class_list":["post-10831","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","m-blog-post"],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Protecting SAP S\/4HANA data on Azure at Microsoft - Inside Track Blog<\/title>\n<meta name=\"description\" content=\"Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protecting SAP S\/4HANA data on Azure at Microsoft - Inside Track Blog\" \/>\n<meta property=\"og:description\" content=\"Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/\" \/>\n<meta property=\"og:site_name\" content=\"Inside Track Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-07-24T17:25:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-15T21:56:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1040\" \/>\n\t<meta property=\"og:image:height\" content=\"585\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Inside Track \u2013 retired stories\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Inside Track \u2013 retired stories\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/\",\"name\":\"Protecting SAP S\/4HANA data on Azure at Microsoft - Inside Track Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg\",\"datePublished\":\"2018-07-24T17:25:28+00:00\",\"dateModified\":\"2023-06-15T21:56:25+00:00\",\"author\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575\"},\"description\":\"Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg\",\"width\":1040,\"height\":585,\"caption\":\"Man working while wearing headphones in the Microsoft Cyber Defense Operations Center.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protecting SAP S\/4HANA data on Azure at Microsoft\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/\",\"name\":\"Inside Track Blog\",\"description\":\"How Microsoft does IT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575\",\"name\":\"Inside Track \u2013 retired stories\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/image\/ee0de87c339052d5d84852473bd7f213\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g\",\"caption\":\"Inside Track \u2013 retired stories\"},\"description\":\"The content on this page was crafted to highlight a specific moment in time or the solutions that have led us to where we are today. It offers valuable insights into our journey and the progress made over the years. Check out the Inside Track blog page for our up-to-date stories around Microsoft.\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/insidetrackarchive\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Protecting SAP S\/4HANA data on Azure at Microsoft - Inside Track Blog","description":"Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/","og_locale":"en_US","og_type":"article","og_title":"Protecting SAP S\/4HANA data on Azure at Microsoft - Inside Track Blog","og_description":"Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.","og_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/","og_site_name":"Inside Track Blog","article_published_time":"2018-07-24T17:25:28+00:00","article_modified_time":"2023-06-15T21:56:25+00:00","og_image":[{"width":1040,"height":585,"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg","type":"image\/jpeg"}],"author":"Inside Track \u2013 retired stories","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Inside Track \u2013 retired stories","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/","name":"Protecting SAP S\/4HANA data on Azure at Microsoft - Inside Track Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg","datePublished":"2018-07-24T17:25:28+00:00","dateModified":"2023-06-15T21:56:25+00:00","author":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575"},"description":"Microsoft recently migrated our SAP environment to Azure on the S\/4HANA platform, and we\u2019re already seeing greater agility, scalability, and efficiency. We recognized the importance of proactively addressing SAP security issues in Azure, and so we developed a strategy to protect SAP assets and data with Azure security solutions and SAP tools. We intend our environment to be secure by design, with integrated systems, tight controls, and effective monitoring so that we can mitigate current and emerging security risks.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#primaryimage","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg","contentUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg","width":1040,"height":585,"caption":"Man working while wearing headphones in the Microsoft Cyber Defense Operations Center."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-sap-s-4hana-data-on-azure-at-microsoft\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/insidetrack\/blog\/"},{"@type":"ListItem","position":2,"name":"Protecting SAP S\/4HANA data on Azure at Microsoft"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/","name":"Inside Track Blog","description":"How Microsoft does IT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575","name":"Inside Track \u2013 retired stories","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/image\/ee0de87c339052d5d84852473bd7f213","url":"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g","caption":"Inside Track \u2013 retired stories"},"description":"The content on this page was crafted to highlight a specific moment in time or the solutions that have led us to where we are today. It offers valuable insights into our journey and the progress made over the years. Check out the Inside Track blog page for our up-to-date stories around Microsoft.","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/insidetrackarchive\/"}]}},"jetpack_featured_media_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8127_hero.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9hcZA-2OH","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/10831"}],"collection":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/users\/146"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/comments?post=10831"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/10831\/revisions"}],"predecessor-version":[{"id":10836,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/10831\/revisions\/10836"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media\/10833"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media?parent=10831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/categories?post=10831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/tags?post=10831"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/coauthors?post=10831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}