A breach of sensitive company, taxpayer, or personally identifiable information can have devastating consequences. Operating in this reality, nearly all organizations understand the need to ensure the security of their software. SAP has thousands of customers that rigorously mitigate security risks each day, applying industry best practices and additional solutions for enhancing IT security.
However, there is another critical aspect of security that is often overlooked: the delivery of support for solutions provided by external partners and providers such as SAP. Many organizations tend to think of support-related security in terms of software updates, security patches, and legal compliance updates. While these aspects of solution support are important, they are only one part of a complete security picture.
What’s So Important About Secure Support Delivery?
Most organizations have at least one business unit that can be considered “critical infrastructure” — containing vital assets that, if compromised, could have devastating effects, from economic security to public health or safety. These types of business units require enhanced security measures to protect sensitive data, such as restricting remote access to internal business applications from partners and solution providers or specifying that all external support personnel and activities originate from the business unit’s home country.
However, tightening security around access to your systems carries with it two primary challenges. First, restricted connectivity from solution providers such as SAP and reduced visibility of system data can impair troubleshooting and resolution processes, and can make it difficult to keep systems updated with the latest technology patches, functional enhancements, and legal updates. These restrictions also limit the opportunity for proactive support services that can help keep solutions and business processes running smoothly, eliminate potential problems before they become major issues, and keep internal support staff skills and knowledge up to date.
Second, outside of the most essential IT and security resources, many employees are unaware or unsure of their organization’s security policies and may inadvertently fail to follow guidelines when interacting with support providers.
SAP National Security Services (SAP NS2) offers highly secure support and maintenance programs from SAP.
Secure Support Delivery with SAP NS2
To help SAP customers address these challenges, SAP National Security Services (SAP NS2) — an independent subsidiary of SAP in the United States — offers analytics, database, cyber security, cloud, and mobile solutions from SAP, with specialized levels of security and support for organizations with critical infrastructures and enhanced security restriction and compliance requirements. Originally founded in 2004 as SAP Government Support and Services, SAP NS2 serves customers based in the US and, to support home-country access restrictions, features a staff that is 100% comprised of US citizens, including credentialed experts with years of experience meeting the enhanced security needs of organizations in both the public and private sector, including government agencies, financial institutions, and telecommunications carriers.
So how does this work? The SAP NS2 support offerings are an enhanced-security version of SAP’s existing support offerings. In most cases, existing SAP customers would continue to purchase new software licenses from SAP, but replace their current SAP support programs with those delivered by SAP NS2. Customers that are not currently procuring new solutions from SAP can convert to the SAP NS2 offerings at any time.
A Closer Look at SAP NS2’s Support Offerings
SAP NS2 offers three main support programs:
- Secure Enterprise Support is an adaptation of SAP Enterprise Support for specialized security requirements. Customers retain access to the tools, content, and expertise included with SAP Enterprise Support — such as access to SAP Solution Manager, continuous quality checks, value maps, and SAP Enterprise Support Academy, which offers role-based learning programs, content, and services for building up knowledge and skills.
- Secure Product Support for Large Enterprises is an enhanced-security version of SAP Product Support for Large Enterprises. It includes the support services, tools, and methodologies that SAP’s largest and most complex customers need to support and manage their IT landscapes holistically, including support for continuous improvement, innovation, message handling, and application lifecycle management via SAP Solution Manager.
- MaxSecure Support is the enhanced security variation of SAP MaxAttention. It is a premium support engagement that uses a collaborative approach to help customers achieve faster time to value, reduce deployment costs and rollout times, and increase the quality and efficiency of implementations and lifecycle management by leveraging SAP expertise and best practices.
Each program includes SAP NS2’s tailored approach for defining a specific remote access policy and technology control plan, and providing a support plan and capabilities for system analysis from specified resources or locations according to the customer’s data security policy or legal regulations. Each offering also leverages SAP NS2’s secure infrastructure, which is completely isolated and air-gapped from the rest of SAP, and can integrate credentialed support personnel, provide restricted areas where customer information can be viewed, and filter support messages for further processing to limit the exposure to customer solutions and data. In addition to these features, with the MaxSecure Support program, all embedded support is delivered using US citizens on US soil, allowing customers with the most stringent security requirements to receive the full benefits of SAP MaxAttention.
All of the SAP NS2 offerings fully integrate with SAP’s existing support programs, ensuring that customers retain the value that SAP support offerings provide while ensuring the protection of sensitive customer data with the SAP NS2 approach. Each secure support offering is delivered in an efficient, transparent, and holistic way that is tailored to the customer’s security requirements, whether industry-specific or government-mandated, including options for onsite support and remote services from SAP NS2’s secure facilities.
Taking Support to the Cloud
The cloud represents a compelling opportunity for reducing costs, increasing flexibility, and gaining access to innovative features. However, organizations with critical security needs, such as government agencies, can be limited in their ability to take advantage of these benefits.
To support these customers, SAP NS2 is co-innovating with agencies and partners to deliver offerings on a secure cloud platform that brings together industry-specific functionality and compliant solutions. A US federal secure cloud offering, for example, is currently under development and will provide government agencies with the flexibility to consume the cloud when and how they want through managed private cloud offerings on SAP HANA.
With a single support, operations, and services model that can be tailored to customer policies, organizations with enhanced security needs can ensure the protection of critical assets while realizing the value of the cloud, including saving money by shrinking the hardware stack, accelerating responses to opportunities and risks with rapid analytics, and delivering the right mix of features, all with minimal disruption. To learn more about SAP NS2 offerings, contact your SAP account executive or email firstname.lastname@example.org.