Cloud Myth Busting: Myth #4: Running mission-critical systems in the cloud is not secure
Welcome to the 4th in a series of blogs to dispel myths about SAP and the Cloud. Today we will debunk the myth that you shouldn´t run mission-critical systems in the cloud.
What is the origin of this myth?
With the arrival of new technologies, increased bandwidth on the web and a growing diversity of cloud computing appliucations, many customers are rethinking what portion of their IT solutions would make sense to move into the cloud. Till now their choices have been limited to point solutions, increasingly we see a much broader portfolio under investigation. It will transforms the whole industry as well as customer´s IT organizations.
Companies will receive more commoditized services from all the cloud stacks: SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service). The evolution of system landscapes from classical on-premise via the extension of on-premise with cloud will result in a landscape transition. It will stay heterogeneous and complex but with a significantly broader cloud portion; and it will require significant effort and re-engineering of customer´s business processes.
Security has been and still is #1 concern for enterprise organizations when taking cloud decisions, reading about an average 20k attacks/day on professional managed data centers does not set anybod’s mind at ease. In our post Snowden/PRISM world we see a lateral movement prioritizing data privacy within the security stack even higher; however the pressures along the security isobars of IT are high.
A customer recently expressed: “It is about IP rights and the value of our company. The recipes in our core ERP system are the result of our ongoing R&D investments. Combined with the Supplier and Customer Relations it represents a huge portion of our company value. We need confidence that our IP is secure, wherever we take it”.
Especially as it is a hot topic, a sense of proportion needs to be brought to this emotional conversation to ensure that trust is not lost.
Here are the facts
When talking about cloud security, it’s hard to not mention technical terms like certificates, patches, visualization, mulch-tenancy, encryption, adaptive computing. Each of these technologies plays an important role in providing best-in-class cloud services. A well managed infrastructure needs to be a given.
- Enjoy a Tour through our main European Data center www.sapdatacenter.com which provides you with a lot of details on our infrastructure
- Also listen to our data center operations team http://www.youtube.com/watch?v=dLWHQqHjqLs
- Data center standards like SSAE16 SOC2 Type II certification, ISO 27001 certification, 128-Bit Data Encryption http://en.sap.info/the-data-center-at-your-fingertips/98028
- Our Cloud Data center designed to meet Tier-4 standard (99,995% availability)
- PCI compliance for secure financial and payment transactions
In our view, trust and confidence matters even more than managing the technology stacks .
It´s about trust and experience
SAP handles data with the utmost discretion and strives to deliver services and support that allow business-critical processes to run securely. SAP is used to working with sensitive customer data for 4 decades now.
Whilst we are transitioning rapidly into a Cloud Company with a comprehensive cloud portfolio data security and data privacy stays part of our DNA – and our investments into employees, applications, organization, systems, networks and data center. Trainings like our mandatory “Human Firewall” Course for every single employee perfectly document it.
We protect our customers against unauthorized data access and misuse, as well as confidential data disclosure. We helped many customers moving with mission-critical functionality into the cloud already. SAP has 6.000 SaaS customers, and many ERP cloud customers e.g. Amo Kids (Brazil).
- Glauber Lessa, General Director of Amo Kids: “No dedicated resource is necessary to run SAP Business Cloud. It is very easy to use and it provides an infrastructure that can evolve with our business needs.” http://de.slideshare.net/richardduffy/innovation-slides-01-100813
- Dr. Norbert Kleinjohann, CIO Siemens AG: “SuccessFactors (SAP Cloud for People) has become the global IT standard for our core HR processes, Recruiting and People Development.” http://www.successfactors.com/content/dam/successfactors/en_us/resources/case-studies/siemens-ag-cs.pdf
Furthermore, SAP hosts more than 1.6 million companies collaborating on >$600B worth of commerce annually on our Business networks.
Think global but act local is Key. Local presence of data centers matters much more in the Post-PRISM-world. Companies worry where the data is located physically. The strictness of European regulations and especially regulations in Germany (Germany’s Federal Data Protection Act which is known as Bundesdatenschutzgesetz or BDSG – The laws have been reformed fundamentally in 2009 to cover a range of data protection-related issues), can help build trust when deciding on a geographical storage location for customers data.
- SAP recently announced to invest in new data center locations to broaden the footprint http://www.infoworld.com/d/data-center/sap-seeks-edge-nsa-surveillance-worries-227944
SAP is the leading provider for Enterprise business software – we invested and will further invest heavily to stay on top for many years to come.
We help customers and partners to move to the cloud, and we learn every day through co-innovation. We listen carefully to our customer´s voice to embrace the future together. Cloud Computing will become an additional deployment option in a heterogeneous but integrated future landscape.
Interested to read more? Here is our cloud fact book.
Next time we will talk about Myth #5: Business in the cloud is not proven.
Looking forward seeing you here again.
Cloud Myth Busting: facts and figures of SAP ́s cloud business
- Myth #0: SAP is not a cloud company
- Myth #1: SAP is not a cloud player
- Myth #2: SAP software is hard to use
- Myth #3: You have to stay on premise – or move to the cloud
- Myth #4: Running mission-critical systems in the cloud is not secure
Read other relevant blogs: