06.10.2020

Interview with Ralf Kempf on the secure transformation to S/4HANA.

Ralf Kempf, CTO SAST SOLUTIONS, has already supported many companies in their migration to SAP S/4HANA. He tells it management about the recipes for success.

Ulrich Parthier: The crucial question when it comes to changing over to SAP S/4HANA is how can you manage the transition? Should I start the implementation from scratch or can I migrate existing processes?

Ralf Kempf: The ideal method for a given enterprise is always an individual consideration. Does it make the most sense to trim all the accumulated “process fat” and start over in a greenfield approach? Or is your highest priority to minimize costs, so you choose a brownfield approach instead? And, of course, there is the middle ground: the selective data approach, which enables you to migrate good processes and redesign obsolete ones.

All of these approaches have one thing in common: all too often, we see that the persons responsible aren’t really aware of the challenges they face at the start of a project. This not only costs time later, but also frequently incurs significant additional costs.

Ulrich Parthier: The area of security is a real Sword of Damocles. How can a good strategy help you avoid security vulnerabilities in SAP S/4HANA?

Ralf Kempf: It’s a fact that nearly half of the enterprises that plan a migration to SAP S/4HANA neglect to safeguard the new systems. But ignoring security aspects can result in significant economic harm, despite the fact that a migration project also gives you the opportunity to take your SAP IT migration to a new level, with a cleanly designed, holistically planned security and compliance strategy for safeguarding the IT systems.

Ulrich Parthier: In your experience, what are other common mistakes made on migration projects to SAP S/4HANA?

Ralf Kempf: One frequent misconception is that Fiori – the new user interface with SAP apps – is a solution for nearly everything. But Fiori isn’t even comprehensive on SAP’s side yet; many processes aren’t supported. That’s why we recommend only using Fiori where it truly adds value and simplifies things.

Another mistake that we unfortunately encounter all too often are “legacy burdens” that are essentially migrated to the new system inadvertently – the source code is a specific example here. Instead of analyzing things beforehand to determine what they really need, they simply copy everything on a 1:1 basis. The consequence: All the vulnerabilities are transferred as well, along with source code that is no longer even used, yet still opens up popular back doors for cybercriminals. The costs of such negligence can reach the millions.

Damage like this is absolutely avoidable by devising an end-to-end strategy for SAP S/4HANA security from the start.

 

[Read the full interview for free online (in German) in the October 2020 issue of it management.]

Beitrag teilen

Go back

Privacy settings

Click »Info« to see a list of the used cookies. You can give your consent to the required cookies or statistic cookies. The selection is optional. You can change these settings or delete the cookies in the browser at any time. If you select the »Statistics« option, your opt-in consent also extends to processing in the USA, which is considered by the European Court of Justice as a country with an insufficient level of data protection. Please find further information in our privacy statement.
In this overview you can select and deselect individual cookies of a category or entire categories. You will also receive more information about the cookies available.
Group external media
Name YEXT -Search
Technical name yext
Provider Yext GmbH
Expire in days 0
Privacy policy https://www.yext.de/privacy-policy/
Use Enables intelligent search via YEXT.
Allowed
Group external media
Name Google Maps
Technical name googleMaps
Provider
Expire in days 6491
Privacy policy
Use Enables the use of Google Maps.
Allowed
Group external media
Name YouTube
Technical name youTube
Provider
Expire in days 0
Privacy policy
Use Enables the use of the Youtube video player.
Allowed
Group statistics
Name Google Analytics
Technical name _gid,_ga,1P_JAR,ANID,NID,CONSENT,_ga_JT5V6CR8ZH,_gat_gtag_UA_133169400_1,_gat_gtag_UA_141664271_1,_gat_gtag_UA_127185455_1,_gat_gtag_UA_127561508_1,_gat_gtag_UA_194226577_1
Provider Google LLC
Expire in days 730
Privacy policy https://policies.google.com/privacy
Use Cookie by Google for website analysis. Generates anonymous statistical data about how the visitor uses the website.
Allowed
Group essential
Name Contao CSRF Token
Technical name csrf_contao_csrf_token
Provider
Expire in days 0
Privacy policy
Use Serves to protect the website from cross-site request forgery attacks. After closing the browser, the cookie is deleted again.
Allowed
Group essential
Name Contao HTTPS CSRF Token
Technical name csrf_https-contao_csrf_token
Provider
Expire in days 0
Privacy policy
Use Serves to protect the encrypted website (HTTPS) against falsification of cross-site requests. After closing the browser the cookie is deleted again
Allowed
Group essential
Name PHP SESSION ID
Technical name PHPSESSID
Provider
Expire in days 0
Privacy policy
Use PHP cookie (programming language), PHP data identifier. Contains only a reference to the current session. There is no information in the user's browser saved and this cookie can only be used by the current website. This cookie is used all used in forms to increase usability. Data entered in forms will be e.g. B. briefly saved when there is an input error by the user and the user receives an error message receives. Otherwise all data would have to be entered again
Allowed
Group essential
Name FE USER AUTH
Technical name FE_USER_AUTH
Provider
Expire in days 0
Privacy policy
Use Saves information of a visitor as soon as he logs in to the frontend.
Allowed
Group statistics
Name Google Repcatcha
Technical name googleRepcatcha
Provider Google LLC
Expire in days 0
Privacy policy https://policies.google.com/privacy
Use Protect from spam.
Allowed
Group statistics
Name ClickDimensions
Technical name cuvid,cusid,cuvon,cd_optout_accountkey
Provider ClickDimensions
Expire in days 730
Privacy policy https://clickdimensions.com/solutions-security-and-privacy/
Use Cookie from ClickDimensions for website analysis. Generates anonymous statistical information about how the visitor uses the site.
Allowed
Copyright akquinet AG. All Rights Reserved.