Describing Data Centers

Objective

After completing this lesson, you will be able to describe how a data center provides secure access to data remotely

Cloud Data Centers

Even though cloud software runs remotely, it still relies on physical servers. Like any other computer, these servers need power to operate.

Imagine a building with rooms and rooms full of computer servers - this is called a data center. Cloud software providers either own and maintain their own data centers, rent space from third-party data center providers, or use a combination of both to ensure their services run smoothly.

Graphic showing a visual floor plan of a data center.

There are three key components in a data center:

  • Power Supply: The data center is connected to two separate grid sectors operated by the local utility company. If one sector fails, the second one continues to supply power. The data center also houses multiple diesel generators in a separate building as a secondary backup if both power grids were to fail.
  • Cooling: All electronic components and processors generate heat when operated. If the heat is not dissipated, the processor's efficiency may decrease to the point component(s) fail. Therefore, cooling a data center is essential - and costly, due to the concentrated computing power.
  • Controlled Access: SAP's data centers meet the highest security standards. State-of-the-art technology and rigorous security are used to protect data virtually and physically against data breaches, fires, terror attacks, and other threats.

Additional Security Measures

All communication between data centers is encrypted by industry measures. The detail of implementation varies by solution and data flow.

Backup Retention Procedures

SAP conducts backups in the form of a disk-to-disk copy, which enables rapid data creation and recovery. In addition to full backups done daily, SAP creates interim backup versions several times each day. These backups are then archived at a secondary data center location for security purposes. Customers can choose where their primary and secondary data centers are located. Please note that locations vary by product - see the availability map here.

Monitoring and logging access to SAP Data Centers

SAP data centers are monitored around the clock with video cameras at every entry point. These cameras are used to record and monitor each access event, which is logged in the access system for 90 days. Single-person access and "mantrap" systems (a physical security mechanism used to control access to a secure area) provide access only to authorized individuals. Technicians can enter special rooms using custom-configured ID cards. High-sensitivity areas require authentication through biometric scans.

The multi-layered, partitioned, proprietary network architecture permits only authorized access with:

  • A web dispatcher farm that hides the network topology from the outside world.
  • Multiple Internet connections to minimize the impact of distributed denial-of-service (DDoS) attacks.
  • Layered security measures that continuously monitor solution traffic for possible attacks.
  • Multiple firewalls that divide the network into protected segments and shield the internal network from unauthorized Internet traffic.
  • Third-party audits performed throughout the year to support early detection of any newly-introduced security issues.

Note

Check out the SAP Trust Center for more information about SAP data centers and cloud security.

Log in to track your progress & complete quizzes

Learning

SAP FacebookSAP YoutubeSAP LinkedIn