One of the biggest but often overlooked considerations within moving to the S/4 platform is the issue of security. This is largely due to the introduction of SAP Fiori – a key aspect of S/4, which emphasises the role of mobile.
Fiori increases the accessibility of the suite to people across the organisation, wherever they are based – as users can access the platform through the cloud on any connected device. Fiori also offers a more user-friendly layout, which is easier for non-technical people to use and enables faster access to relevant information.
The result will be greater productivity and efficiency – as all users will have better and more flexible access to relevant systems and information, wherever they are. Yet this improved mobility also has its drawbacks when it comes to security, as it opens up many potential routes into core business systems and data.
Increased mobility means increased risk
The main security challenges presented by SAP Fiori are as follows:
- Increased mobility means that data can now be transferred over a 4G signal, which is not as secure and is easier to hack into.
- If a device falls into the wrong hands, due to theft or loss, that person could then gain access to the enterprise’s system.
- Access is possible from public Wi-Fi networks, which are more easily intruded upon.
- End-user devices might not be patched or properly secure – potentially leaving the whole system open to bugs and cyber attacks via a compromised device.
But these security concerns, if they are addressed properly and comprehensively, can be mitigated. Good design, preparation and practice will allow the network and devices to be effectively managed and secured.
How to navigate the security risks
These five activities will help to negate the security risks associated with S/4 Hana and keep enterprise systems safe.
- Set up an external gateway. This is a gateway that resides outside the organisation’s own network and requires users to log in using a set protocol. This adds an additional layer of security to the login process that protects the network.
- Ensure encryption is enabled. Encrypting files and making them unreadable without the correct encryption key significantly enhances security. Even if someone does manage to gain access to these files, they won’t be able to do anything with them. Enabling end-to-end encryption ensures that communications between SAP and users cannot be intercepted, even if they are using public Wi-Fi hotspots.
- Introduce certification protocols. The system can be secured, and unauthorised users kept out, through the introdution of certification protocols, so that each user has to be certified before accessing an organisation’s system.
- Develop strong and effective mobile device management. Controlling device access to company networks and data keeps the enterprise on top of who is doing what with which devices, so it can feel confident that mobile users are working within company policies. This requires a robust approach to the management of mobile devices, which will ensure knowing where devices are and keeping them up-to-date and patched. Usage should also be monitored to make sure that password standards, and other configurations, are being enforced.
- Improve intrusion detection and prevention through network traffic monitoring. Traffic across the network should be automatically monitored and analysed to check for any suspicious usage patterns. This protects the system from network-based threats. If and when threats are discovered, the system can take necessary actions to keep the business safe – such as by notifying administrators, or immediately barring the source IP address from accessing the network.
The introduction of S/4 Hana offers an incredible opportunity. Thanks to the ground-breaking introduction of Fiori, it dramatically modernises the user experience and speeds up planning, execution and collaboration.
However, the potential security risks that come with the new platform cannot be ignored, making it a careful balancing act. Overly restrictive controls would be counter-productive to the huge benefits offered by S/4 and Fiori as they would take away the increased mobility offered by the platform and potentially harm the business case.
So, it requires a collaborative approach with security experts working closely with the wider transformation team. This will help to ensure risks are addressed before, during and after the migration process – ensuring systems, data and devices are secure, while users can work more productively.