#SAP customizations average 2,500 #security vulnerabilities
Stephen McAleer
Global & Enterprise Account Sales - Enterprise Software, Cloud, SaaS
Let's optimize this ...
SAP has their global customer advisory 'Keep The Core Clean' to externalize SAP customizations (#microservices).
aka: stop highly coupling bespoke additional complexity (SAP customizations) on an already very complex system. Instead, externalize SAP customizations as loosely coupled microservices to reduce dependencies/complexity to keep SAP current and start the flywheel effect of software and data agility and velocity.
Well, the public cloud vendors have native services for customizations; we can loosely couple SAP customizations to these highly coupled proprietary native mono cloud services.
Oh, wait!
SAP's global customers in aggregate present many (>10) bespoke mono cloud (on-prem, private/public clouds, geo/regional clouds) deployment platform requirements.
Economics
What happens to a finite SAP talent ecosystem if the talent must specialize to support >10 bespoke mono cloud platforms and bespoke services tools for SAP customizations?
Logic would expect deep specialization produces SAP talent constraint and the price goes up; bad inflation.
Security
What happens to SAP customizations security vulnerabilities with all (>10) these bespoke mono cloud services?
Logic reasons with much less SAP ecosystem implementation standardization, best practices wane and vulnerabilities increase; bad security inflation.
Remember, the nature of technology is deflationary.
A?#secure?and optimized methodology for SAP's 'Keep The Core Clean' and continuously improve SAP customization security is to
领英推荐
1) standardize not only the deployment platform across the mono clouds hosting the externalized SAP customizations and ALSO ..
2) standardize the use of?#cloudnative?(Non-mono cloud)?#hybridcloud?services for SAP customizations.
https://blogs.sap.com/2021/03/05/making-your-sap-integration-serverless/
Optimize.
SAP and its global ecosystem are?#hybridcloud?go-to-market across >10 bespoke mono clouds. Yes, individual SAP customers certainly present 1 or 2 mono cloud deployment requirements, but for the SAP ecosystem, including deflationary outcomes for SAP end customers, there is the need to optimize to the hybrid cloud bottleneck/constraint in order for the ecosystem to produce the necessary and good deflationary outcomes.
Automation is 'table steaks' in the cloud era. Therefore, optimizing for hybrid cloud deployment agility also requires the automation excellence of 'as a Service' as we experienced with mono cloud services.
To deliver this experience for hybrid cloud deployments, there is kubernetes operators. kubernetes is terrific at process looping for maintaining state, however, kubernetes does not have subject matter expertise (SME) about individual services. Operators are a loose coupling of SME knowledge of how best to deploy and run the lifecycle of services and applications orchestrated by kubernetes.
The burden of this hybrid cloud automation delivery can be intelligently distributed to SME's where they create the operator(s) about particular applications and services and then their operators are secured and certified for reuse by the ecosystem.
This approach optimizes SAP's 'Keep The Core Clean' global customer advisory (reduces complexity risk for S/4HANA too), as the SAP ecosystem has platform and customization services that run everywhere.
This standardization can optimize?#cybersecurity?rigor of SAP customizations for continuously improving test and vulnerability mitigation.
https://www.turnkeyconsulting.com/keyview/cyberattacks-on-critical-sap-applications-what-you-should-do-next