Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
Bedrock Managed Service
Scalable support and on-demand expertise that seamlessly integrates with your existing operations.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
21 June 2019

The security risks of increased mobility with SAP S/4 HANA

The introduction of S/4 HANA is a major game-changer for SAP, as it offers a solution that’s designed to meet the challenges and requirements of the digital economy. And as 2025 marks the deadline to switch from SAP ECC to S/4 HANA, it’s no surprise that large numbers of SAP customers are now preparing to migrate.

One of the biggest but often overlooked considerations within moving to the S/4 platform is the issue of security. This is largely due to the introduction of SAP Fiori – a key aspect of S/4, which emphasises the role of mobile. Fiori increases the accessibility of the suite to people across your organisation, wherever they are based - as users can access the platform through the Cloud on any connected device. Fiori also offers a more user-friendly layout, which is easier for non-technical people to use and enables faster access to relevant information.

The result will be greater productivity and efficiency - as all users will have better and more flexible access to relevant systems and information, wherever they are. Yet this improved mobility also has its drawbacks when it comes to security, as it opens up many potential routes into core business systems and data.

These are the main security challenges presented by SAP Fiori:

  • Increased mobility means that data can now be transferred over a 4G signal, which is not as secure and is easier to hack into
  • If a device falls into the wrong hands, due to theft or loss, that person could then gain access to your system
  • Access is possible from public Wi-Fi networks, which are more easily intruded upon
  • End-user devices might not be patched or properly secure – potentially leaving your whole system open to bugs and cyber attacks via a compromised device

But these security concerns, if they are addressed properly and comprehensively, can be mitigated. Using good design, preparation and practice will allow you to effectively manage and secure both your network and devices.

Here are five ways to negate the security risks associated with S/4 HANA and keep your systems safe:

  • Set up an external gateway. This is a gateway that resides outside your own network and requires users to log in using a set protocol. This adds an additional layer of security to the login process that protects your network.
  • Ensure encryption is enabled. Encrypting your files and making them unreadable without the correct encryption key significantly enhances security. Even if someone does manage to gain access to your files, they won’t be able to do anything with them. Enabling end-to-end encryption ensures that communications between SAP and your users cannot be intercepted, even if they are using public Wi-Fi hotspots.
  • Introduce certification protocols. You can secure your system, and keep unauthorised users out, by introducing certification protocols, so that each user has to be certified before accessing your system.
  • Develop strong and effective mobile device management. Controlling device access to company networks and data keeps you on top of who is doing what with which devices, so you can feel confident that mobile users are working within company policies. So, you must have a robust approach to the management of mobile devices, which will ensure you know where devices are and being kept up-to-date and patched. You should also monitor usage to make sure that password standards, and other configurations, are being enforced.
  • Improve intrusion detection and prevention through network traffic monitoring. You should monitor and analyse traffic across your network by automatically monitoring usage and searching for any suspicious patterns. This protects your system from network-based threats. If and when threats are discovered, the system can take necessary actions to keep you safe - such as by notifying administrators, or immediately barring the source IP address from accessing the network.

In summary:

The introduction of S/4 HANA offers an incredible opportunity. Thanks to the ground-breaking introduction of Fiori, it dramatically modernises the user experience and speeds up planning, execution and collaboration.

However, the potential security risks that come with the new platform cannot be ignored. Which makes it a careful balancing act. Overly restrictive controls would be counter-productive to the huge benefits offered by S/4 and Fiori. They would take away the increased mobility offered by the platform and potentially harm your business case.

So, it requires a collaborative approach with your security experts working closely with the wider transformation team. This will help to ensure risks are addressed before, during and after the migration process - ensuring systems, data and devices are secure, while users can work more productively.

Find out how you can drive intelligent automation across finance with our Robotic GRC webinar series, ran in conjunction with SAP. To watch this series now just click on the image below. Alternatively, see how Turnkey’s SAP security support can help your business.