SAP data encryption and tokenisation solutions

Tokenise data and control access in SAP S/4HANA and SAP ECC

Thales and SAP have established a co-innovation partnership to provide an integrated data protection solution for SAP S/4HANA and SAP ECC. Thales CipherTrust Tokenisation is the first SAP-certified tokenisation solution available to SAP customers that can be used to secure sensitive data.

Thales' CipherTrust Tokenisation in the SAP Data Custodian was developed by both organisations through SAP's Co-Innovation Lab, ensuring the security of sensitive data at the most fundamental levels of the application.  

With this joint solution, SAP customers can choose to tokenise specific fields and assign access policies that determine which users have access to sensitive data.

Key features and benefits:

• Schrems II alignment by masking protected data from CSPs, outsourced contractors, developers and internal privileged access users
• Go live with sensitive data in production deployments within days rather than in months
• Access controls ensure only authorised users or applications can view tokenised data
• Thales CipherTrust Manager provides root-of-trust key protection to help attain FIPS 140-2 Level 3 regulatory requirements
• Co-innovation certification ensures seamless integration and performance

Request info   Read the solution brief

External key management for SAP applications

Thales and SAP now offer external, multi-cloud key lifecycle management for SAP applications. With the integration between SAP’s Data Custodian and the Thales CipherTrust Cloud Key Manager, organisations can seamlessly manage the encryption key lifecycle of SAP applications from the same pane of glass as their other cloud encryption implementations. 

By adding CipherTrust Cloud Key Manager, highly regulated customers can externally root their encryption keys in in support of Bring Your Own Keys (BYOK) data security policies.

Key features and benefits:

• Generate encryption keys with HSM-based entropy and bring them to your SAP applications
• Improve IT efficiency with centralised key lifecycle management across multiple cloud environments
• Comply with the most stringent data protection and sovereignty mandates with encryption and key management
• Simplified compliance reporting with detailed audit logs and prepackaged reports
• Root keys in up to FIPS 140-2 Level 3 security by leveraging CipherTrust Manager or Thales Luna HSMs

Request info   Read the solution brief

Simplify SAP HANA data encryption

CipherTrust Transparent Encryption for SAP HANA enables enterprises to run high-volume/high-value data for mission-critical real-time applications in a manner that can be trusted whether on-premises or in the cloud. The solution provides greater control with separation of duties and policies for SAP HANA data encryption, with minimal administration.

Key features and benefits:

• Address business and industry compliance obligations even when data resides in the cloud
• Establish safeguards to structured and unstructured data in SAP HANA’s Persistence layer, associated databases and log and configuration files
• Encrypt HANA data and log volumes at the file system level with minimal overheads without re-architecting the database or application
• Enforce flexible customer-defined policies for access controls and audits
• Safeguard and manage associated encryption keys, allowing cloud service users to be their own custodians
• FIPS 140-2 Level 1, 2 or 3 certified root of trust for key management

Request info   Read the solution brief