SAP software is the core operational foundation for many highly regulated organizations, supporting essential applications such as enterprise resource planning, data warehousing, and materials management.
Encryption solutions have long been crucial for protecting data and ensuring compliance with regulatory requirements. However, this raises questions about who owns and controls the infrastructure environment and the data, including the related encryption keys.
Thales guarantees data security in SAP environments by offering key generation, separation of duties, reporting, and key lifecycle management solutions.
Thales and SAP offer external, multi-cloud key lifecycle management for SAP applications, allowing organizations to protect sensitive data while maintaining control over their encryption keys. With the integration of SAP Data Custodian Key Management Service (SAP Data Custodian KMS) and Thales CipherTrust Cloud Key Management (CCKM), highly regulated enterprises can externally root their encryption keys, enabling Bring Your Own Keys (BYOK) and Hold Your Own Keys (HYOK) data security policies.
Key features and benefits:
CipherTrust Transparent Encryption for SAP HANA enables enterprises to run high-volume/high-value data for mission-critical real-time applications in a manner that can be trusted, whether on-premises or in the cloud. The solution offers enhanced control through the separation of duties and policies for SAP HANA data encryption, with minimal administrative requirements.
Key features and benefits:
[Thales] facilitates the control of data, preventing access from people that might have the rights of access but not the privilege."
On the surface, encrypting the database instance using SAP native encryption would appear to be sufficient to protect data at rest within the SAP HANA database. But, enterprises storing sensitive data in an SAP HANA database need to consider exactly where in and around the database sensitive data might reside -- even outside the direct control of the Database Administrators (DBAs). To give an example, an SAP HANA database might encounter an error causing it to send information with sensitive data into a trace file or an alert log.
Encryption key lifecycle management for BYOK, HYOK and cloud native keys
Quickly secure data in SAP HANA environments, while ensuring applications continue to deliver optimal performance
Get in contact with an SAP Data Security specialist