8 – Protect your SAP data at rest and in transit

How do you protect your SAP data? SAP systems often run the core functions within a business and store sensitive enterprise data. Best practice is to encrypt data at rest and in transit using at least one encryption mechanism to meet internal or external security requirements and controls. In addition to the controls listed in the AWS Shared Responsibility Model, AWS provides multiple encryption solutions. Many AWS services have features which allow you to enable encryption with minimal effort and performance impact. There are encryption options available for the database and SAP application layer that you can consider.

ID	Priority	Best Practice
☐ BP 8.1	Highly Recommended	Encrypt data at rest
☐ BP 8.2	Highly Recommended	Encrypt data in transit
☐ BP 8.3	Highly Recommended	Secure your data recovery mechanisms to protect against threats

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Best Practice 7.4 – Implement logging and reporting for user access and authorization changes and events

Best Practice 8.1 – Encrypt data at rest