The document discusses SAP's security measures for protecting customer data and systems. It outlines SAP's security architecture, certifications, physical security, threat management, network security, data flow controls, secure operations, and single sign-on options.
The document discusses SAP's security measures for protecting customer data and systems. It outlines SAP's security architecture, certifications, physical security, threat management, network security, data flow controls, secure operations, and single sign-on options.
The document discusses SAP's security measures for protecting customer data and systems. It outlines SAP's security architecture, certifications, physical security, threat management, network security, data flow controls, secure operations, and single sign-on options.
The document discusses SAP's security measures for protecting customer data and systems. It outlines SAP's security architecture, certifications, physical security, threat management, network security, data flow controls, secure operations, and single sign-on options.
Download as PPTX, PDF, TXT or read online from Scribd
Download as pptx, pdf, or txt
You are on page 1/ 5
SAP Security measures are audited and confirmed
through various Certifications & Attestations
Secure Product Development Security – ISO Certificates o ISO9001 Quality Management System Lifecycle
Overview o ISO27001 Information Security Management System o ISO22301 Business Continuity Physical Security – SOC1 (ISAE3402/SSAE16) Type II – Video and Sensor – SOC2 Type II Surveillance – C5 available depending on delivery model – Access Logging – Security Guards Advanced IT Security Threat & Vulnerability Management – Fire Detection and Architecture – Security Patch Management Extinguishing System – Isolated, separated Landscape per – Penetration Testing – Uninterruptible Power Customer – Vulnerability Scanning Supply – Security hardened – 24 x 7 Security Monitoring Center – Biometric Access Control Systems in certain Locations
Network Security Customer data flow control Secure Operations
– Network Filtering – Regional Data Storage – Asset Management – Intrusion Prevention Systems (e.g. EU-, US-Cloud) – Change Management – Web Application Firewall – European data protection and – Incident Management privacy policy – 2-factor Authentication – Anti Virus & Malware Management – Proxies with Content Filtering – Backup / Restore Management – Identity & Access Management – Security Awareness Trainings
