Automate SAP B1 operation in cloud, securely

HOT TOPIC

Security & Availability in cloud

We are often facing the fact that security setup is just not sufficient, even at some bigger companies. Just recently we have been dealing with situation, where customer was migrating to our environment after ransomware attack, which happened in their previous environment. Unfortunately, they did not backup properly and the customer ended up losing considerable amount of data. So don't be fooled, these threads are real and issue of Security is very relevant nowadays.

At ZAIP.one security remains our top priority.

See how we go about our business & explore features that are already available to help you with your own security journey.

Proper architecture and Backups are the key

• We use 3 independent data centers in EU with TIER3 standards & various backup plans
• Access for portal operators is secured by Multi-factor Authentication (MFA)
• Audit Logs
• Successful Penetration tests
• Certified and regularly audited by SAP (for Cloud and Infrastructure Operations)
• Certified for Slovak Government Cloud
• ISO 27001:2013 compliant (Cyber Security)

‍

Defining User Roles with Permissions - understanding the scope & importance

‍

Based on the knowledge of business model of our Partners /SAP Business One Resellers/, we worked out pre-defined User Roles to choose from for convenience. On SAP Prod level, Partner is able to pick the following Roles for the team members:

• SAP Admin
• SAP Consultant
• SAP Support

Each of these Roles is tied to different List of allowed actions (Permissions) based on the typical job duties of that person, and will enable users to access the needed abilities within ZAIP.one platform.

If you need any custom role to be created for your team, just contact our Helpdesk and we will sort it out!

‍

Ability to set Access on Customer level

We apply the principle of Least privilege (PoLP), an information security concept which maintains that a user or entity should only have access to the specific data, resources and applications needed to complete a required task.

Permissions can be temporarily increased if specific job task requires it, therefore its never a good idea to just give default all-access rights to all team members. As a good practice, each member should have the minimal access which is needed for completing his/her duties.

This also applies to Customer access. For example, an intern or new hire doesn't need to have access to all Customers immediately if they only manage one. In ZAIP.one this can be easily setup and updated on the fly, as needed.

Our team approach

We have been operating SAP Business One in Cloud since 2012, and building our platform solution ZAIP.one for the last 5 years. We take Security very seriously from every angle, and this includes security from the team standpoint as well. As such, we proud ourselves to work with stable team of experts, who are  available in-house & tested by years of our cooperation.

‍

‍

‍