On-premises SAP deployments are notoriously complex with extensive customer customizations to the point where even making configuration changes for security reasons might require months-long planning and testing to make sure they break nothing in the environment. As more companies move their ERP deployments to the cloud, they have an opportunity to ensure the systems are configured securely.
The Cloud Security Alliance (CSA), a not-for-profit organization that develops and promotes best security practices for cloud computing, released a two-part implementation document this year for ERP applications in the cloud that follows 20 critical security controls.
