Data Security for SAP Environments

With the Vormetric Data Security Platform, your organization can implement the robust encryption and key management capabilities required to establish strong safeguards for sensitive data in SAP environments

SAP Data Security

Software from SAP represents a core operational foundation for many of the world’s largest enterprises, powering such core applications as enterprise resource planning, data warehousing, materials management, and more. Instituting SAP data security represents a critical requirement and a high-stakes effort.

The Vormetric Data Security Platform enables you to encrypt and secure sensitive assets in your SAP applications and databases.

SAP has qualified Vormetric Transparent Encryption v6.0.3 with HANA v2.0 to deliver data encryption, key management, privileged user access control, and granular file access audit logs. To learn more visit the SAP App Center.

Headquartered in Walldorf, Germany with regional offices in 180 countries, SAP develops enterprise software to manage business operations and customer relations. As a market leader in enterprise software, SAP is at the center of today’s business and technology revolution. SAP innovations help 365,000 customers worldwide work together more efficiently and use business insight more effectively.

SAP HANA is an in-memory, column-oriented, relational database management system developed by SAP. Deployable on premises or in the cloud, SAP HANA lets organizations accelerate business processes, deliver more business intelligence, and simplify their IT environment. By providing the foundation for all data needs, SAP HANA removes the burden of maintaining separate legacy systems and siloed data, so organizations can run live and make better business decisions in the new digital economy.

SAP HANA works with Thales Vormetric Transparent Encryption (VTE) to create and enforce policies to protect data and log volumes, and prevent unauthorized system administrator, root user, and privileged users from accessing data. VTE also encrypts data and log volumes in a cloud service provider infrastructure – allowing the customer to be the custodian of the encryption keys. VTE can be quickly deployed to secure data – requiring no change to SAP, the underlying database, or hardware infrastructure. The approach enables enterprises to meet data governance requirements with rigorous separation of duties.

Thales provides a proven approach to securing SAP data that meets rigorous security, data governance, and compliance requirements. Whether securing an existing SAP deployment or upgrading to a new version, Thales delivers a proven approach to quickly secure SAP data while ensuring continued operation at optimal performance. Thales is a SAP Silver Partner, and VTE has been qualified to work in SAP HANA solution environments.

Solution Capability   Explanation
Centralized key management   DSM is a centralized key manager for Vormetric Encryption as well as other encryption systems in enterprise
Separation of duties   Well defined, strong separation of duties between data administrators and security administrators
Audit Logs   Logs events that help with compliance and audits
Security Intelligence   Logs easily integrated with SIEMs to provide security intelligence and reduce APT attack surfaces
Structured and unstructured data   Use for SAP HANA, other databases, log and config files and all other kinds of files
Privileged User control   Control privileged user access and reduce APT risk surface
Performance and scalability   Proven in the field, high-performance and scalability
Security Standards   FIPS 140-2 Level 3 compliance; Common Criteria certification pending
Database coverage   All databases, big data systems and unstructured file types
Cloud ready   Runs across physical, virtual and cloud environments; Multi-tenant capabilities of DSM

Additional Resources


Solution Brief : Vormetric Data Security for SAP



Research and Whitepapers : SAP Data Protection