SAP Data Encryption Solutions

Thales enables full customer-controlled Encryption Key Management for SAP HANA databases and SAP applications running across clouds

SAP software is the core operational foundation for many highly regulated organizations, supporting essential applications such as enterprise resource planning, data warehousing, and materials management.

Encryption solutions have long been crucial for protecting data and ensuring compliance with regulatory requirements. However, this raises questions about who owns and controls the infrastructure environment and the data, including the related encryption keys.

Thales guarantees data security in SAP environments by offering key generation, separation of duties, reporting, and key lifecycle management solutions.

SAP

External key management for SAP applications

Thales and SAP offer external, multi-cloud key lifecycle management for SAP applications, allowing organizations to protect sensitive data while maintaining control over their encryption keys. With the integration of SAP Data Custodian Key Management Service (SAP Data Custodian KMS) and Thales CipherTrust Cloud Key Management (CCKM), highly regulated enterprises can externally root their encryption keys, enabling Bring Your Own Keys (BYOK) and Hold Your Own Keys (HYOK) data security policies.

Key features and benefits:

  • Securely generate, store, and protect customer-managed encryption keys
  • Improve IT efficiency and reduce costs by simplifying key management
  • Maximize choice from a single console, manage BYOK and HYOK keys across multiple clouds
  • Comply with the most stringent data protection and sovereignty mandates such as GDPR, LGPD, PCI-DSS, and CCPA
  • Simplify compliance reporting with detailed audit logs and prepackaged reports
  • Root keys in up to FIPS 140-2 Level 3/FIPS 140-3 Level 3 security by leveraging CipherTrust Manager or Thales Luna HSMs

Simplify SAP HANA data encryption

CipherTrust Transparent Encryption for SAP HANA enables enterprises to run high-volume/high-value data for mission-critical real-time applications in a manner that can be trusted, whether on-premises or in the cloud. The solution offers enhanced control through the separation of duties and policies for SAP HANA data encryption, with minimal administrative requirements.

Key features and benefits:

  • Address business and industry compliance obligations even when data resides in the cloud
  • Establish safeguards to structured and unstructured data in SAP HANA’s persistence layer
  • Encrypt HANA data and log volumes at the file system level without re-architecting the database or application
  • Enforce flexible customer-defined policies for access controls and audits
  • Safeguard and manage associated encryption keys, allowing cloud service users to be their own custodians
  • Root keys in up to FIPS 140-2 Level 3/FIPS 140-3 Level 3 security by leveraging CipherTrust Manager or Thales Luna HSMs
[Thales] facilitates the control of data, preventing access from people that might have the rights of access but not the privilege."
Damian McDonald VP of Global Information Security Becton, Dickinson and Company Read the Case Study
BD

Recommended resources

Protecting sensitive data in and around SAP HANA

On the surface, encrypting the database instance using SAP native encryption would appear to be sufficient to protect data at rest within the SAP HANA database. But, enterprises storing sensitive data in an SAP HANA database need to consider exactly where in and around the database sensitive data might reside -- even outside the direct control of the Database Administrators (DBAs). To give an example, an SAP HANA database might encounter an error causing it to send information with sensitive data into a trace file or an alert log.

Get the White Paper

Related products

CipherTrust Cloud Key Manager

Encryption key lifecycle management for BYOK, HYOK and cloud native keys

Learn More

CipherTrust Transparent Encryption for SAP HANA

Quickly secure data in SAP HANA environments, while ensuring applications continue to deliver optimal performance

Learn More

Learn more about our market-leading solutions

Get in contact with an SAP Data Security specialist

Contact Us