Skip to Content

SAP HANA Security

Address cybersecurity challenges and innovate with confidence, while taking steps to keep your systems secure and comply with the regulatory requirements of today's digital world.

Data anonymization

Real-time SAP HANA data anonymization happens at the view level, so the data at the table level remains unchanged. SAP HANA offers two different anonymization methods: k-anonymity and differential privacy. Additionally, you can add custom definition of anonymization views, access reporting views, and make use of the integration into our authorization framework.

Data masking

Protect data at row-level with data masking in tables and views. Native SAP HANA dynamic data masking is done on-the-fly so it leaves the data available for processing.

Role and privilege management

SAP HANA’s comprehensive authorization framework provides highly granular access control. Roles are used to bundle and structure privileges into sets of privileges for dedicated user groups. Privileges are based on standard SQL object privileges and SAP HANA-specific extensions for business applications.

User and identity management

SAP HANA provides tools for user administration and role assignment, as well as adapters for SAP Identity Management and SAP Access Control, which allow integration into existing user provisioning infrastructures. LDAP group integration for authorization purposes is also provided. To connect custom user provisioning solutions, an SQL interface is available.

Audit logging

SAP HANA offers highly configurable, policy-based audit logging for critical system events, for example, changes to roles or the database configuration. It can also record access to sensitive data: write and read access to objects such as tables or views, as well as the execution of procedures. For situations where a highly privileged user needs temporary access to a critical system, firefighter logging can be enabled. Integration into existing logging infrastructures is possible using Linux syslog.

Encryption and secure communication

Full data-at-rest encryption (including redo log encryption), application data encryption (including encryption APIs), and native backup encryption are part of SAP HANA’s core feature set.

Secure administration and configuration

For monitoring security-related settings, administrators can use SAP HANA tools, as well as other SAP tools. Examples include the security dashboard in the SAP HANA cockpit and SAP Solution Manager. SAP HANA comes with a checklist of critical security settings in the SAP HANA Security Administration Guide.

Security infrastructure integration

SAP HANA supports industry standards (e.g. SAML) and documented interfaces to enable integration with the customers’ security network and datacenter infrastructures such as for single-sign-on, identity management, audit logging, compliance tools and, threat detection and anti-virus checking.

Apply security patches and updates

Keep your deployment of SAP HANA up to date with the latest security upgrades, which are delivered on a monthly basis through the lifecycle management tools available in the platform.

Access services and tools from SAP

Take early action before system issues impact the business by leveraging security tools and services.

Use security features across the development lifecycle

Provide a comprehensive framework of processes, guidelines, tools, and training to help keep security an integral component of your architecture, design, and implementation of SAP solutions. 

SAP HANA Security Resource Center

Back to top