Skip to Content
author's profile photo Former Member
Former Member

Who takes care of HANA security and compliance: Application teams, security, GRC, DBA, basis?

Hi all,

When you have a standalone HANA;

  1. there will be end-users who will access HANA views thru BOBJ,
  2. there will be developers using HANA studio to build views /SQLs etc
  3. there will be developers creating tables(database activity) etc,
  4. some admin stuff to create users, roles, audit activities,
  5. Typical GRC activities/segregation of duties etc

If you think traditional security models, application/security team takes care of the end users, developers, but usually DBA/BASIS team takes care of database access/creating tables..

What do you see in your environment/clients?

Appreciate your thoughts

Cheers

Tansu

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Posted on Sep 11, 2014 at 06:35 PM

    Did you have a look at @Richard Bremers blog Overview: Security Considerations for BI End Users Reporting on SAP HANA and the guide referenced in it: How to Define Standard Roles for SAP HANA Systems ?

    If not, that's what you may want to do.

    - Lars

    Add a comment
    10|10000 characters needed characters exceeded

    • "compliance, audit, segragation of duties,"

      These are organizational and regulation questions.

      They are independent of the underlying technology but depend on the business context.

      So how shall SAP provide guidelines for that in relation to a technology platform?

      Using SAP HANA doesn't change any of those three aspects.

      An idea of what kind of roles could evolve around a SAP HANA system can be found in the technical operations guide which is part of the standard documentation.

      However, this doesn't give a complete IT operations organisation blueprint - which is basically what you are asking for.

      Concerning statement 5): HANA Studio lets you do whatever you allow the user to do.

      That's - again - no different to any other platform tool out there.

      - Lars

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.