Protecting Your Data – And Your Business
From computer viruses to denial-of-service attacks to theft of customer information, security threats have never been greater. And the value of your information assets is only increasing. That's why SAP is dedicated to developing the most secure enterprise software, and to helping ensure the security of your enterprise operations.
SAP combines the technology, solutions, and services to address the three pillars of information security:
- People – SAP offers services that can help you raise awareness of security issues among employees and establish easy-to-follow security guidelines and policies. Our broad selection of education offerings ensures that your people have the knowledge they need to protect your systems and processes.
- Processes – SAP provides consulting and support services that focus on risk assessment and management, helping you understand security as a business issue and ensuring that all work routines and processes are secure. We also offer a broad range of solutions to help you manage governance, risk, and compliance (GRC). And we practice what we preach: SAP's internal IT processes have been awarded ISO 27001:2005 certification.
- Technology – All SAP solutions are designed to meet the highest security standards. And with theSAP NetWeaver technology platform, you have the technology foundation you need to ensure the security of your heterogeneous infrastructure.
Secure Solutions
SAP solutions are built from the ground up to ensure the highest levels of security in the most sensitive environments. SAP follows rigorous security standards in the design and development of all its solutions, and SAP application developers receive extensive security training. SAP software development is certified according to the ISO 9001:2000 standard. Our technology has also received a level 4+ common criteria certification for SAP NetWeaver Application Server (SAP NetWeaver AS) 7.02 Java, support package 3. More details on the common criteria certification and the certification report in full are available on SAP Service Marketplace.
In addition, SAP follows a thorough security response process. SAP solutions are further secured through SAP software partners, and the security of SAP solutions is verified through partner testing.
The SAP NetWeaver platform is based on a state-of-the-art security infrastructure, including network and communications security, auditing capabilities, as well as web services security capabilities. In addition, two dedicated security solutions focus on the specific challenges customers are faced with in heterogeneous IT landscapes:
- SAP NetWeaver Identity Management – The SAP NetWeaver Identity Management (SAP NetWeaver ID Management) component provides centralized tools for managing the entire user life-cycle across highly diverse system environments. It automates processes such as employee on-boarding, position changes, and access rights management for external users while ensuring compliance and auditability.
- SAP NetWeaver Single Sign-On – With the SAP NetWeaver Single Sign-On application, customers can set up secure single sign-on and single log-out scenarios tailored to their individual requirements, including all SAP GUI types, web applications, and identity federation across domain boundaries. Based on standards such as X.509 certificates, Kerberos and the security assertion markup language (SAML), SAP NetWeaver Single Sign-On is a highly flexible solution that can be configured to meet even the highest corporate security standards.
Security Services
SAP offers key security services to protect your information assets:
Plus, SAP's security offerings are enhanced through our investment in security best practices.
Customers Interested in Information Security Are Also Interested in: