Data Storage and Network Security for the SAP HANA Service – by the SAP HANA Academy
LATEST UPDATE: September 1, 2020 =========================================
The SAP Cloud Platform, SAP HANA Service will be retired in 2021. For more information, see
For the latest information about SAP HANA database-as-a-service, visit our blog post series about SAP HANA Cloud:
We do not have access to the file system or the operating system for the SAP HANA Service, so how we control data storage encryption and network security works differently compared to on-premise SAP HANA.
Root key management, however, still works the same, and to stay in control of how your system is encrypted, it is important to understand encryption root key management. In particular, because if you do not manage your data volume and backup encryption root keys properly, it may be difficult if not impossible to recover your database. Cloud or not.
Encryption is always On for the data and log volume, and for backups.
In the video tutorial below, we show how you can create encryption root key backups and how to access your keys. Network security and the Instance and SystemPKI SSFS are also covered.
You can use the Manage Keys app to change the root encryption keys, make a backup, or change the root key backup password.
There are encryption root keys for the data and log volume, for backups, and for the application encryption service. These keys are stored inside the Instance SSFS managed by the cloud provider. The password-protected backup of the root keys is stored and managed by you.
The certificates stored in the system PKI SSFS are also managed by the cloud provider. These certificates are used to encrypt communication between different server processes (indexserver <-> nameserver) or between different sites in case of system replication.
The tutorials has been posted to the following playlists:
For the documentation, see
- Managing Server-Side Data Encryption – SAP HANA Security Guide for SAP HANA Service
- Secure Stores in the File System (SSFS) – SAP HANA Security Guide
- 2159014 – FAQ: SAP HANA Security
- SAP HANA Security
Thank you for watching
The SAP HANA Academy provides free online video tutorials for the developers, consultants, partners and customers of SAP HANA.
Topics range from practical how-to instructions on administration, data loading and modeling, and integration with other SAP solutions, to more conceptual projects to help build out new solutions using mobile applications or predictive analysis.
For the full library, see SAP HANA Academy Library – by the SAP HANA Academy.
For the full list of blogs, see Blog Posts – by the SAP HANA Academy.