Governance over hybrid SAP Environments – the ANZ Story
Cloud adoption, and migration of on-premise applications to cloud services, is increasingly being undertaken by organisations wanting to leverage the business efficiencies that cloud infrastructure affords. For organisations with SAP environments there are impediments to a smooth journey. This report presents the responses to a survey of companies, located in the Australian-New Zealand region, that are using SAP for their enterprise resource planning. The current state of cloud adoption is explored and options for providing governance across hybrid environments are presented.
Commissioned by Sailpoint
Identity Governance and Administration (IGA), comprising user lifecycle management and access governance is an imperative for organisations. The goal is to provide a frictionless governance environment that efficiently serves user needs and accommodates corporate regulatory requirements. Governance provides visibility into ‘who has access to what’ within an organisation and a heightened level of cybersecurity through detection of inappropriate access, identification of policy violations and discovery of weak access controls. A hybrid environment, where one or more applications is on cloud infrastructure, represents an added complexity over a pure on-premises environment. Organisations wanting to exploit the benefits afforded by moving from on-premises infrastructure, with all the associated costs, to cloud-based infrastructure with the associated efficiencies need a comprehensive governance solution.
SAP is ‘heavy-duty’ enterprise resource planning (ERP) software that touches most operational and administrative processes in an organisation, and there is an understandable reticence amongst many SAP customers to commence migrating to the S/4HANA cloud solution; it is not a task to be undertaken lightly. But SAP has encouraged customers to do so via the release of a wide range of SaaS applications and has recently announced the availability of SAP Critical Data Cloud in Australia.
The friction associated with SAP ERP cloud migration is especially a concern for users in Australia-and New Zealand. Organisations in the region are typically smaller than their counterparts in North America or Europe, and engaging competent staff or contractors is more difficult due to the smaller support base. Thus, a lack of resources is a major deterrent to the effective transition of SAP ERP to cloud-based services. Too often the response to the cloud migration task is ‘if it’s not broken don’t fix it’, which, while it might be a reasonable short-term approach, relegates the organisation to a legacy environment that constrains their agility and retards their ability to innovate and grow.
To determine the degree to which SAP-based organisations in Australia and New Zealand (ANZ) have kept their applications current, and to determine associated ‘pain-points’, SailPoint invited SAP users to participate in a survey. Questions were developed that sought to confirm the current state of the SAP environment in ANZ, and to understand the factors that might be contributing to the reticence of SAP customers to migrate their ERP environments to the cloud.
The responses confirmed that the level of migration to the cloud is indeed lagging other large-application environments and that one of the reasons is the difficulty in managing access control to SAP and associated applications. A potential tool to alleviate this difficulty is ‘SailPoint Access Risk Management’, which was recently introduced to complement their identity governance offerings. The ability to provide governance across the SAP environment, and manage the attestation of user access to corporate applications, is a necessary component of corporate Governance, Risk and Compliance (GRC).