With an eye on 2027, many companies using SAP’s enterprise management solution (SAP ERP 6.0) are wondering when is the best time to start their migration to S/4HANA and whether it is a good time to enhance their system security.
As we know, the types of maintenance offered by SAP are as follows:
- Mainstream Maintenance: standard maintenance support service for applications. For SAP Business Suite 7 (SAP ERP 6.0) it ends on 12/31/2027.
- Extended Maintenance: extended support maintenance service until 12/31/2030. It has an additional cost and is included in RISE.
- Customer-Specific Maintenance: basic maintenance support service with no expiration date. It has an additional cost for addressing unknown issues.
How does the choice of architecture affect security?
- In an On-Premise architecture, the organization is responsible for security and access.
- In a Cloud architecture, the organization is responsible for access and application layer security, but not the rest of the system security.
When preparing for the transition to S/4HANA, how does the transition approach affect system security?
- New Implementation:
- Security by default in SAP systems installed from 2021 onward.
- Need to define a role model (authorizations).
- System Conversion/Selective Data Transition (migration):
- Possibility to increase system security during the migration process.
- Need to adapt the role model to S/4HANA.
When it comes to migration, when is the best time to improve security and access?
- Before migration: it is a good option for those organizations planning the migration to S/4HANA and want to improve system security in the meantime, as migrating a role model based on best practices to S/4HANA is very straightforward.
- During the migration: it is the ideal option, as it leverages the effort of reviewing business processes to validate changes in security and the role model.
- After migration: less recommended scenario, as it would involve revalidating all business processes with the new security options and the new role model.
Regarding SAP security during the migration to S/4HANA, SAP has a security standard, called the SAP Security Baseline, which is applied by default to all SAP systems installed from 2021. This standard covers ABAP, JAVA, HANA databases, and BTP technologies.
If the organization starts from an SAP ERP 6.0, it can apply this standard before migrating to SAP S/4HANA or during the migration process and take advantage of the system validation process.
At Inprosec, we specialize in helping companies increase the security levels of their SAP systems, as well as improve user access management and reduce risks of segregation of duties to comply with the principle of least privilege. If you need to delve deeper into any of these aspects, do not hesitate to contact us.
