RISE with SAP: Key Security Considerations for a Smooth Migration
Organisations are constantly seeking ways to modernise their IT infrastructure and optimise operational efficiency. RISE with SAP is a pivotal solution for businesses aiming to migrate to the cloud seamlessly. But what exactly is RISE with SAP, and why should companies consider it?
In this article, we explore the features, benefits, and key considerations for navigating the RISE with SAP migration, drawing insights from industry experts, Jeroen Basten and Aditya Chordia from BDO UK, interviewed on Soterion’s SAP Security & GRC podcast. You can watch or listen to Episode 23 using the links below, or read this summary for key takeaways from the discussion.
Listen
Watch
What is RISE with SAP?
RISE with SAP is not a standalone product but rather a comprehensive package designed to help businesses transition their SAP systems to the cloud effortlessly. It serves as a one-stop service that enables organisations to become cloud-driven enterprises with minimal disruption.
At its core, RISE with SAP includes SAP S/4HANA, a powerful enterprise resource planning (ERP) system that enhances business operations and innovation. Additionally, it simplifies licensing, making it easier for companies to manage contracts without dealing with multiple vendors.
One of the major advantages of RISE with SAP is its Business Transformation as a Service (BTaaS) model. This approach bundles software, infrastructure, and services into a single contract, streamlining the migration process and making it more manageable. With SAP handling the heavy lifting, companies can focus on strategic business objectives rather than dealing with multiple service providers.
RISE with SAP is particularly beneficial for organisations looking to:
- Modernise legacy systems (e.g., transitioning from SAP ECC).
- Improve compliance and security.
- Leverage new technologies such as AI and automation.
- Benefits of embedded BTP (Business Technology Platform)
- Business Process Optimisation
- Streamline operations and enhance workflow efficiency.
Understanding SAP S/4HANA and its role in digital transformation
SAP S/4HANA is a next-generation ERP system designed to manage business processes more efficiently. Think of it as the backbone that supports key functions such as finance, procurement, inventory management, and sales. It is particularly beneficial for large multinational corporations that require a centralised system to manage complex global operations.
Two key differentiators make SAP S/4HANA stand out from its predecessors, like SAP ECC:
- Cloud-Native Architecture: While SAP S/4HANA can be hosted on-premise, it is designed for the cloud, providing businesses with scalability and flexibility.
- Powered by SAP HANA Database: Unlike traditional databases, SAP HANA is an in-memory database, meaning it processes data faster, enabling real-time analytics and reporting.
However, transitioning to SAP S/4HANA is not a one-size-fits-all solution. Companies must carefully evaluate whether it aligns with their business needs and goals before making the leap. Additionally, SAP will end support for ECC by 2027, with extended maintenance available at additional cost until 2030, making it imperative for organisations to plan their migration to stay fully supported.
The importance of security and role design in SAP S/4HANA migration
Security is a critical factor in any ERP transformation. In SAP S/4HANA, user access is governed by role-based authorisations.
Poorly designed roles can lead to:
- Excessive user access increasing the risk of fraud.
- Operational inefficiencies and compliance risks.
- Additional License Costs
SAP provides 600+ pre-built business role templates, which serve as a great starting point for organisations. However, businesses often require custom roles to cater to their unique needs.
Best practices for role design include:
- Appoint a role owner who understands business operations, compliance, and system functionality.
- Implement Segregation of Duties (SoD) to prevent conflicts of interest (e.g. ensuring that a single user cannot both create and approve purchase orders).
- Regularly review access to ensure users have only the permissions they need.
By following these best practices, companies can ensure their SAP environments remain secure, compliant, and efficient.
The role of system integrators in SAP S/4HANA implementation
System integrators (SIs) play a crucial role in SAP implementation projects. However, their primary responsibility is to execute the build rather than challenge security designs. As a result, businesses must own the security framework and ensure that compliance considerations are embedded from the start.
To achieve this, companies should:
- Engage a security expert or compliance partner to oversee access controls and compliance risks.
- Integrate security and SAP License considerations into the design phase rather than treating it as an afterthought.
- Regularly review and update security measures as the system evolves.
By proactively managing security and authorisations, organisations can mitigate risks, save on License costs, and ensure their SAP environments remain robust and resilient.
Navigating SAP’s new user licensing model
A significant change in SAP S/4HANA is the new approach to named user licensing. Traditionally, user licenses were based on system usage and self-reported classifications. However, SAP has now introduced a more defined measurement methodology using the SAP Object Analyser and rule sets.
This new model evaluates user access down to the authorisation object level, leading to more precise but potentially costly licensing classifications. Many organisations may find that users previously classified under lower-tier licenses are now considered advanced users, resulting in higher licensing costs.
To avoid unexpected expenses, businesses should:
- Assess licensing impact early rather than waiting until migration is complete.
- Optimise role design to align with actual job functions.
- Standardise access where possible while ensuring compliance with licensing requirements.
Proactive planning in this area can result in significant cost savings and operational efficiencies
Enhancing user experience with SAP Fiori
SAP Fiori transforms the traditional SAP user interface into a modern, role-based experience. Instead of relying on complex transaction codes, users can interact with a clean, intuitive interface.
Key features of SAP Fiori include:
- Fiori Spaces and Pages: A structured, user-friendly interface that can organises applications in a logical manner.
- Browser-Based Navigation: Enhances accessibility and reduces training time.
With the benefits available to the end-user, organisations should integrate Fiori into their role design strategy to ensure a seamless and secure transition.
Final considerations for organisations migrating to RISE with SAP
Migrating to RISE with SAP involves more than just a technology shift – it’s a business transformation. Here are some final considerations:
- Shared Responsibility Model: Security is now a shared effort between SAP, the cloud provider, and the organisation. Companies must clearly define who owns what to prevent gaps in compliance.
- Identity and Access Management: Organisations should integrate SAP S/4HANA with their existing IAM systems to streamline provisioning and access control.
Conclusion
RISE with SAP offers a compelling pathway for businesses looking to modernise their operations and transition to the cloud. However, successful adoption requires careful planning, robust security measures, and proactive management of licensing and role design.
By partnering with trusted advisors and security experts, organisations can navigate their SAP transformation with confidence, ensuring a secure, compliant, and future-ready enterprise.
For businesses considering moving to S/4HANA, whether on-premise or on RISE with SAP, engaging the right expertise early in the process is essential to mitigate risks and unlock the full potential of cloud transformation.
If you have any questions, feel free to reach out to us at [email protected]
