Skip to Content
Contact Us
Chat Now Chat Offline
Get live help and chat with an SAP representative.
Contact Us
E-mail us with comments, questions or feedback.

Get started now

Previous Next

SAP HANA security overview

Learn about different SAP HANA scenarios as well as security functions – including access control, data encryption, and data center integration. Gain an understanding of security in the software lifecycle, from secure development to security patches.  

Insight into security features

Get the details on SAP HANA security, including network and communications security, user management, authentication and single sign-on, authorization, data storage security, and more. Get access to a wealth of security reference information.  

Data anonymization

Explore the opportunities anonymization offers. Use your data in new value add scenarios for your business. Include data you could not leverage previously due to privacy or security considerations.

Manage Secure Information Access

Manage and control compliant access to your critical data

As an SAP customer, you understand that protecting your company's critical data from unauthorized access and ensuring compliance are top priorities. Learn about the different features and functions of SAP HANA that allow you to manage and control who can access your data.
Previous Next

Role and privilege management

SAP HANA’s comprehensive authorization framework provides highly granular access control. Roles are used to bundle and structure privileges into sets of privileges for dedicated user groups. Privileges are based on standard SQL object privileges and SAP HANA-specific extensions for business applications.

User and identity management

SAP HANA provides tools for user administration and role assignment, as well as adapters for SAP Identity Management and SAP Access Control, which allow integration into existing user provisioning infrastructures. LDAP group integration for authorization purposes is also provided. To connect custom user provisioning solutions, an SQL interface is available.
Previous Next

Authentication and single sign-on

Access to SAP HANA data, functions and applications requires authentication. SAP HANA offers several authentication options, which can be configured per user. For password login, a password policy governs change frequency, password complexity and other password related security settings. SAP HANA also supports LDAP authentication. In addition, several standard based single sign-on (SSO) options are available: Kerberos/SPNEGO, SAML, SAP logon and assertion tickets,  X.509 certificate.

Audit logging

SAP HANA offers highly configurable, policy based audit logging for critical system events, for example, changes to roles or the database configuration. It can also record access to sensitive data: write and read access to objects such as tables or views, as well as the execution of procedures. For situations where a highly privileged user needs temporary access to a critical system, firefighter logging can be enabled. Integration into existing logging infrastructures is possible using Linux syslog.

Manage Secure System Setup

Secure system set-up, administration and operation

SAP HANA is designed to run in different scenarios, environments, and infrastructures in a secure fashion. Incorrectly configured security settings are one of the most common causes of security problems. That’s why SAP offers support tools, settings, and information to help you to run SAP HANA securely in your environment.
Previous Next

Secure communication

SAP HANA supports TLS/SSL connection encryption for network communication channels. Encryption of client-server communication (external channels) can be enforced. For internal channels, a public-key infrastructure (PKI) is automatically set up during installation. Network communication channels (purpose, ports) are documented in detail, including recommendations on the use of firewalls and network zones.

Encryption and data masking

Full data-at-rest encryption (including redo log encryption), application data encryption (including encryption APIs), and native backup encryption are part of SAP HANA’s core feature set. Dynamic data masking functionality is available to mask data. SAP HANA supports SAP’s standard FIPS-certified cryptographic library.
Previous Next

Secure administration and configuration

For monitoring security-related settings, administrators can use SAP HANA tools (for example, the security dashboard in the SAP HANA cockpit), as well as other SAP tools such as SAP Solution Manager. SAP HANA comes with a checklist of critical security settings in the SAP HANA Security Guide.

Security Infrastructure Integration

SAP HANA supports industry standards (e.g. SAML) and documented interfaces to enable integration with the customers’ security network and datacenter infrastructures such as for single-sign-on, identity management, audit logging, compliance tools and, threat detection and anti-virus checking.

Manage software security and patching

SAP develops secure software

The security of your environment depends significantly on how securely the underlying products are developed, and all systems being kept up to date with the latest security patches and updates.

As the global leader in business software, SAP takes the security of its customer data seriously. At the core of our development processes is a comprehensive security strategy based on the secure software development lifecycle.

SAP stands for secure and reliable software solutions.

Previous Next

Security patches and updates

It is important that customers are always aware of the newest security fixes provided for SAP HANA 1.0. Security fixes are delivered as SAP HANA revisions and can be applied using SAP HANA’s lifecycle management tools. Security fixes are announced on the monthly SAP security patch day according to the general SAP security patch strategy in SAP security notes.

Security services by SAP

SAP offers a wide range of security tools and services to ensure the smooth operation of your SAP solution by taking action proactively, before security issues occur.

Secure software development lifecycle

A central component of SAP's product security strategy is the secure software development lifecycle (secure SDL), which provides a comprehensive framework of processes, guidelines, tools and staff training, and ensures that security is an integral component of the architecture, design, and implementation of SAP solutions.

The secure SDL is a risk-based approach, which uses threat-modeling and security risk assessment methods to determine the security controls enforced during software provisioning and operations, including comprehensive security testing with automated and manual tests.


Previous Next

Digitally transform your SAP HANA Enterprise securely

Watch this webinar to learn the different ways to configure SAP HANA for optimal security, such as what vulnerabilities, risks, and relevant security configurations businesses should be aware of.

Back to top