PCG logo
Article

RISE with SAP: Why Security Is More Than a Standard Service

The security of an SAP landscape is only as strong as its weakest link. In the context of RISE with SAP, this means that only when SAP, the hyperscaler, and the customer clearly assume their respective responsibilities can a robust security level be achieved.

Shared Responsibility in RISE

Many organizations mistakenly assume that SAP takes full responsibility for security under RISE. While SAP does relieve operational burden, a significant part of security remains with the customer, including:

  • Network security: Firewalls, VPNs, subnets in the hyperscaler.
  • Secure SAP code: Validation of custom developments using ATC, ABAP Code Inspector, or third-party tools.
  • Security monitoring & forensics: Audit logs, SIEM integration, anomaly detection.
  • System hardening: SNC, TLS, parameter configuration, RFC security.
  • User & identity management: Role design, SoD checks, integration with SAP GRC or Azure AD.
  • SAP Security Notes: SAP applies only critical notes automatically; all others require customer implementation.

Closing the Gaps

To address these potential security gaps, organizations can:

  1. Extend SAP services via Cloud Application Services.
  2. Engage AMS providers for monitoring, patching, and security assessments.
  3. Build internal teams with specialized expertise.

From Trust to Continuous Validation

Even with clearly defined contracts, the key question remains: How can I ensure my system is truly secure? Experience shows that without continuous validation, risks arise – such as incorrectly applied notes, insecure RFCs, or excessive authorizations.

Advisory from the Public Cloud Group

The Public Cloud Group (PCG) helps organizations address security risks in a structured way. As part of our RISE Assessment, we explicitly analyze security responsibilities, identify gaps, and design a robust security strategy – covering governance, monitoring, and concrete technical measures.

Conclusion

RISE with SAP simplifies operations but does not replace a comprehensive security strategy. Only through clearly defined responsibilities, continuous monitoring, and expert guidance from partners like Public Cloud Group does RISE become a secure foundation for digital transformation.



Services Used

Continue Reading

Article
SAP Build Code: The Future of Professional Development on the SAP Business Technology Platform (BTP)

SAP Build Code is more than just a development environment – it is a core element of a comprehensive platform strategy.

Learn more
Article
SAP RISE: Which path will lead your company successfully into the cloud future?

With SAP's consistent cloud strategy, companies today face a groundbreaking decision: RISE with SAP or GROW with SAP?

Learn more
Article
From On-Premise to Multi-Cloud: Mastering SAP Transformation in Healthcare

While many hospitals and healthcare providers still rely on traditional on-premise solutions, it's becoming clear: The future lies in multi-cloud.

Learn more
Article
Compliance and Data Protection in Multi-Cloud Setups for Healthcare: How SAP Strikes the Balance

While multi-cloud architectures promise flexibility and scalability, organizations must balance innovation with compliance. How can SAP and PCG support this balancing act?

Learn more
See all

Let's work together

United Kingdom
Arrow Down