|[February 08, 2017]
New Securosis Whitepaper Examines Security Model for SAP Cloud Deployments
Securosis, an independent research and analysis firm dedicated to
thought leadership, objectivity, and transparency, today, with Onapsis,
released a whitepaper outlining the foundational security elements
organizations should build on when migrating their SAP (News - Alert) applications to
the cloud. "Securing SAP Clouds," based on research by Securosis and
made available via Onapsis,
the global experts in SAP and Oracle (News - Alert) application cybersecurity and
compliance, covers various topics such as how cloud services are
different, how it affects SAP implementations and then maps existing
security controls to fit within cloud deployments.
Migrating SAP applications to a cloud environment is a complicated
process which requires security to be a top priority. However, unlike
transitioning other business applications to the cloud, there is no
singular model for what SAP cloud security looks like. This is because
many SAP applications are heavily customized and applying the same
on-premise strategy to the cloud will result in an insecure
implementation.
"Proper implementation is tricky - if you simply 'lift and shift' your
old model into the cloud, we know from experience that it will be less
secure and cost more to operate. To realize the advantages of the cloud
you need to leverage its new features and capabilities - which demands a
degree of reengineering for architecture, security program, and
process," said Adrian Lane, Analyst and CTO, Securosis.
"We have been receiving an increasing number of questions on SAP cloud
security, so this research paper is intended to tackle major security
issues for SAP cloud deployments. When we originally scoped this
research project we were going to focus on the top five questions people
had, and quickly realized that grossly under-served the audience needs
for a more comprehensive security plan," continued Lane.
"Securing SAP Clouds" covers the division of responsibility between an
organization and the cloud vendor, which tools and approaches are
viable, changes to the security model and advice for putting together a
cloud security program for SAP.
"This whitepaper is a must-read for anyone looking to migrate and run
their SAP systems to the cloud. Adrian does a great job of outlining
what organizations should be cautious of when planning their migration,
and provides detailed information for setting up an effective strategy
for securing such critical data," said Mariano Nunez, CEO and
co-Founder, Onapsis.
To downoad "Securing SAP Clouds" please visit: https://www.onapsis.com/securosis-whitepaper-securing-sap-cloud.
On March 2nd at 2pm EST, Securosis and
Onapsis will host a webcast titled "Securing SAP Clouds" to further
discuss this topic. For more information, or to register, please visit: https://www.onapsis.com/news-and-events/webcasts/webcast-securing-sap-clouds.
About Securosis
Securosis is an information security research and advisory firm
dedicated to transparency, objectivity, and quality. We are totally
obsessed with improving the practice of information security. Our job is
to save you money and help you do your job better and faster by helping
you cut through the noise and providing clear, actionable, pragmatic
advice on securing your organization.
About Onapsis
Onapsis cybersecurity solutions automate the monitoring and protection
of your SAP applications, keeping them compliant and safe from insider
and outsider threats. As the proven market leader, global enterprises
trust Onapsis to protect the essential information and processes that
run their businesses.
Headquartered in Boston, MA, Onapsis serves over 200 customers including
many of the Global 2000. Onapsis' solutions are also the de-facto
standard for leading consulting and audit firms such as Accenture (News - Alert),
Deloitte, E&Y, IBM, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform, which is the
most widely-used SAP-certified cyber-security solution in the market.
Unlike generic security products, Onapsis' context-aware solutions
deliver both preventative vulnerability and compliance controls, as well
as real-time detection and incident response capabilities to reduce
risks affecting critical business processes and data. Through open
interfaces, the platform can be integrated with leading SIEM, GRC and
network security products, seamlessly incorporating enterprise
applications into existing vulnerability, risk and incident response
management programs.
These solutions are powered by the Onapsis Research Labs which
continuously provide leading intelligence on security threats affecting
SAP and Oracle enterprise applications. Experts of the Onapsis Research
Labs were the first to lecture on SAP cyber-attacks and have uncovered
and helped fix hundreds of security vulnerabilities to-date affecting
SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as
well as Oracle JD Edwards and Oracle E-Business Suite platforms.
Onapsis has been issued U.S. Patent No. 9,009,837 entitled "Automated
Security Assessment of Business-Critical Systems and Applications,"
which describes certain algorithms and capabilities behind the
technology powering the Onapsis Security Platform™ and Onapsis X1™
software platforms. This patented technology is recognized industry wide
and has gained Onapsis the recognition as a 2015 SINET 16 Innovator.
Onapsis and Onapsis Research Labs are registered trademarks of Onapsis,
Inc. All other company or product names may be the registered trademarks
of their respective owners.
