Introduction to Cloud Computing
Cloud computing is the delivery of applications, platforms, data storage, operating systems, and other computing resources over the Internet. In the cloud model, you pay a regular subscription fee to consume certain services from a third party provider. This is similar to how you consume services in your home such as water and electricity. You pay the utility provider on a monthly or quarterly basis, and the provider is responsible for delivering services to you, and maintaining the infrastructure necessary to deliver those services (public water pipes, power lines). If there is an issue, you would contact the service provider for a resolution. For example, if there is a power outage due to a thunderstorm, the utility provider is responsible for troubleshooting and taking the necessary steps to resolve the issue and reinstate your service.
This is a stark contrast to the traditional on-premise model, where the customer is responsible for purchasing and maintaining the server(s) where the software is installed, and the software itself. This includes setting up redundancies to back up data, and security measures to protect both the physical servers on site, and the software in the virtual space. For example, if the customer's server crashes and needs to be rebooted, an employee within the organization must handle this task, and all employees using the software wouldn't be able to access the system while it's down. What if data was lost during the crash? For a large organization, it may be feasible to budget for a team of people to maintain the servers, software, redundancies, and security, but small and mid-size organizations need a cost-effective solution where they know their data is safe and their applications are accessible when they need them. Large organizations also look to cloud software to help them reduce the cost of maintenance while gaining the benefits described in the table below:
|Increase or decrease the storage space and computing power you need to meet fluctuating workload requirements.
|Minimize hardware and IT (Information Technology) department costs; only pay for what you use.
|24 x 7 x 365 system access from anywhere, on any device.
|Improve compliance, protect data, and mitigate risk with continuous security updates from the cloud provider.
|Rapidly adopt new technologies to innovate faster, while simplifying the IT department's maintenance responsibilities.
|Set-up cloud system(s) to quickly react to changing market conditions and business needs.
Where does your data live?
Where do these "computing resources" live? Software needs to be installed in a physical server, which ultimately needs access to a power outlet to turn on and function. Imagine a building with rooms and rooms full of servers - this is called a Data Center. A cloud software provider either owns their own data centers, contracts with third-party data center providers to use a certain number of their physical servers, or both.
There are three major components in a data center:
- Power Supply: The data center is connected to two separate grid sectors operated by the local utility company. If one sector fails, the second one continues to supply power. The data center also houses 13 diesel generators in a separate building. Together, they produce a total of 29 megawatts.
- Cooling: All electronic components and processors generate heat when operated. If the heat is not dissipated, the processor's efficiency may decrease to the point that component(s) fail. Therefore, cooling a data center is essential - and costly, due to the concentrated computing power.
- Controlled Access: SAP uses state-of-the-art technology and rigorous security to protect data virtually and physically against data breaches, fires, terror attacks, and other threats. Our data centers meet the highest security standards.
Additional Security Measures
Integration, security, and performance between solutions located in different cloud data centers
All communication between Data Centers is encrypted by industry measures. The detail of implementation varies by solution and data flow.
Backup retention procedures
SAP conduct backups in the form of a disk-to-disk copy, which enables rapid data creation and recovery. In addition to full backups done on a daily basis, we create interim backup versions several times each day. We then archive these at a secondary data center location for security purposes. Customers can choose where their primary and secondary data centers are located. Please note that locations vary by product - see the availability map here.
Monitoring and logging access to SAP Data Centers
SAP data centers are monitored around the clock with video cameras at every entry point. We use these cameras to record and monitor each access event and log this in our access system for 90 days. Single-person access and "mantrap" systems provide access only to authorized individuals. Technicians can enter special rooms using custom-configured ID cards. High-sensitivity areas require authentication by means of biometric scans.
Technical security features
The multilayered, partitioned, proprietary network architecture permits only authorized access with:
- A Web dispatcher farm that hides the network topology from the outside world.
- Multiple Internet connections to minimize the impact of distributed denial-of-service (DDoS) attacks.
- Layered security measures that continuously monitor solution traffic for possible attacks.
- Multiple firewalls that divide the network into protected segments and shield the internal network from unauthorized Internet traffic.
- Third-party audits performed throughout the year to support early detection of any newly introduced security issues.