EDUCAÇÃO E TECNOLOGIA

SAP TechEd 2021: Watch the security session replays!

SAP TechEd 2021 is in the books, but learning never stops. We recorded most of the event – all you have to do is register on the SAP TechEd platform to get access to lecture sessions, hands-on content, interviews, and demos. Check out the SAP BTP Free Tier, the Newsguide, and the Learning Zone, all full of information about SAP’s products and services. Cecilia Huergo’s latest blog summarizes all these resources, and provides a feedback channel for you to let us know what you loved and what you’d like to see more of in the future.

Security Content

You can find recordings of all security sessions right in the session catalog. Remember that you need to be registered for SAP TechEd to access them; we’ll also keep adding more recordings over the coming weeks. Check out these sessions:

Make Trust Matter: Security on Channel One

In addition to the sessions listed above, we also streamed an hour of live content on Channel One. Watch the recording to hear from SAP BTP’s CISO Joe Campbell, get detailed insights into the identity and access management challenges of Nestlé’s journey to the cloud in our customer deep dive, and see a demo of FIDO for SAP Cloud Identity Services. We ended with an interactive live Q&A session; here are some of the questions submitted by the audience:

Q: How can we “force” developers to take care of security?
A: At SAP, we created development standards and guidelines that support our developers in meeting security and quality criteria. New features are subject to a number of evaluations, including security checks, before they are released to customers. We also require mandatory security trainings for developers, and we established an extensive network of security experts throughout all development teams and areas.

Q: When we use biometrics for authentication to SAP applications, how does SAP handle the data retention to ensure General Data Protection Regulation (GDPR) compliance?
A: SAP does not store the biometric data; this is stored on the client, such as a mobile device. It doesn’t enter the cloud. The FIDO protocol uses public-key cryptography to protect sensitive information that is transmitted in the authentication process. Only the identity and not the biometric data is stored in the cloud.

Q: How do I know when I should use SAP Single Sign-On as compared to the Identity Authentication Service?
A: SAP Single Sign-On is an on-premise product and is required if there are still any desktop clients involved, such as SAP GUI. In all other use cases, customers can benefit from the standards-based SSO capabilities available with the Identity Authentication service.

Enjoy watching the replays, and leave your feedback in the comments – we look forward to hearing from you! To stay connected, please join the SAP Security Community.