sep backup sap [shutterstock: 1378498490, solarseven]
[shutterstock: 1378498490, solarseven]
Blog Security

How To Efficiently Secure Your SAP Systems

SAP systems are business critical. Data volumes are increasing, cyber threats and compliance regulations are on the rise. Optimal backup and quick recovery solutions as well as efficient data storage are becoming ever more important.

Business-critical SAP data require a comprehensive business continuity plan, based on Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO), as well as the requirements and policies of the business. The backup solution would need to be SAP-certified and cover the applications, databases, operating systems, and virtualization platforms in use so that everything can be backed up with a single solution. This is an important part of a solid business continuity plan. In the event of a disaster, the solution ensures that all data and information in a user environment are fully recovered, ideally on-premises as well as in the cloud and for virtualized and physical environments.

Legal requirements

Compliance with legal requirements such as the European GDPR in heterogeneous IT environments must be taken into account. There are many technological approaches that contribute to compliance with legal requirements, such as encryption of backups on backup media (tape, DataStore, dedup) and of the data stream and communication, an external password for restores according to the dual control principle, media disruption (support of offline and WORM media), backup of data at different levels (for example, at the hypervisor and application level), cross-site data protection, automatic migration or copying of backup data to different backup media, network security, planned and automatic restore on stand-by systems (verification of backups – can also be used for audits) and disaster recovery tests during operation including reporting for physical and virtual environments.

For increased backup efficiency, i.e., significant backup data reduction, there are global dedup software solutions that also use encryption for deduplication and replication, including an effective algorithm for high dedup rates, high performance by means of parallel threads, and complete inline-in-memory without post-processing. After splitting the data stream into blocks and compressing each block, each individual block can be encrypted by an arbitrarily definable key. To restore the data, the key can be stored in the database of the backup server or the data owner must authorize a restore with his personal key. This encryption guarantees BSI conformity. Global software deduplication completely encompasses backup, replication, and client side. Software dedup can come close to matching the performance of a native DataStore for backup, restore and migration, according to current benchmarks. Dedup can also be used directly to the cloud (direct-to-S3) without the detour of on-premises storage for cost- and performance-optimized operations in AWS or to leverage SDS storage.

Dedup in practice

One example of a company that successfully uses dedup for backup is the managed service provider Collogia IT Services, which operates in the SAP environment in a broad customer base. It uses an SAP-certified backup solution for its Hana environment, Red Hat virtualization and Windows servers, which also includes deduplication. The backup covers the entire IT infrastructure, which means simplified management, central monitoring of backups and the backup environment, such as the occupancy of the data areas, so that the backup of the customer’s data is always kept in view and a data recovery can be initiated in the shortest possible time.

Source:
E-3 Magazine March 2022 (German)

About the author

Andreas Mayer, SEP

Andreas Mayer is Senior Marketing Manager at SEP.

Add Comment

Click here to post a comment

Social Media

Sign up for e3zine´s biweekly newsbites

Please do not use administrative mail adresses like "noreply@..", "admin@.." or similar as these may get blocked for security reasons.

We use rapidmail for dispatching our newsletter. By signing up, you agree that the data you have entered will be transmitted to rapidmail. Please take note of their terms and conditions and privacy policy. terms and conditions .


Our Authors