SAP Analytics Cloud (SAC) is a cloud-based business intelligence and analytics platform that provides a wide range of capabilities, including data visualization, predictive analytics and planning. In the coming years, an increasing number of customers will start with, or extend, their cloud investments and shift from existing on-premises business intelligence (BI) solutions, such as SAP BusinessObjects BI, to SAP Analytics Cloud to connect people, information and ideas to enable fast and confident decision-making.
To support this shift, it’s crucial that SAP offers capabilities to seamlessly integrate SAP Analytics Cloud with other components in the IT landscape. One of the key benefits of SAC is its ability to bring together data from various sources and make it available to users in a single platform. However, as with any cloud-based solution, security is a critical concern, especially for authentication and authorization to minimize the support effort required. In this article, we will explore some of the key security features and best practices for SAP Analytics Cloud.
Authentication: SAC offers a variety of authentication options, including Single Sign-On using SAML or OAuth, and password-based authentication.
Authorization: SAC supports user and role-based authorization, which allows administrators to control access to data and functionality based on a user’s role within the organization.
Data encryption: SAC uses encryption to protect data in transit and at rest. Data is encrypted both when it is in transit between the user’s device and the SAC server, as well as when it is stored on the server. This ensures that data is protected from unauthorized access and breaches.
Access control: SAC allows administrators to control access to data and functionality based on a user’s role within the organization. This allows organizations to ensure that only authorized users have access to sensitive data, and that they can only perform actions that are appropriate for their role. The core components of access control in SAC are managing users, managing teams and managing roles. It also provides a provisioning API service to automate the role assignment to users and teams.
Teams: The highlight of SAC security is Teams. It is a collaborative feature of the SAP Analytics Cloud platform that allows users to work together on data analysis and visualization projects. With SAC Teams, users can share data, models, stories and other content with their colleagues, as well as collaborate on data analysis and visualization in real-time.
Shared content: Users can share data, models, stories and other content with their colleagues, and collaborate on data analysis and visualization in real-time.
Notifications: Users receive notifications when content is shared with them or when changes are made to content they are working on.
Chat and comments: Users can communicate with each other through a built-in chat and commenting system, making it easy to collaborate on data analysis and visualization projects in real-time.
In conclusion, the SAC platform undergoes regular security updates to ensure the security of the platform. It offers a wide range of security features and best practices to ensure the protection of data and functionality from unauthorized access. However, it is important to note that security is an ongoing process and requires continuous monitoring and improvement to meet the evolving threat landscape.
About the author: Masood Ahmed is a Certified Information Systems Auditor and SAP-certified governance, risk, and compliance expert with more than 14 years of experience in the configuration and production support of various SAP security and GRC products. He is currently the manager of enterprise financial applications. He is the author of a book titled “UI Data Protection Masking for SAP S/4HANA.” He is a motivated driver of innovation and inspires learners by publishing articles about UI data protection masking and GRC process controls.
Masood completed his master’s degree in computer science from Governors State University, Chicago, in 2007. He has represented his organization at annual GRC conferences, including as a speaker at Americas' SAP User Group (ASUG), and has been invited to cybersecurity conferences.