Industry: Utilities, Gas & Electric
Company Size: 2K+ employees, >$2B revenue
Challenge
A Fortune 500 utility company operating a twenty-year-old, on-premises SAP system chose the RISE with SAP program to more efficiently migrate to SAP S/4HANA and modernize their systems. Due to the age and complexity of their legacy systems, the company opted for a greenfield approach so they could start over and start clean in their new RISE environment. With the knowledge that the company was still responsible for their application security and compliance under the shared security responsibility model of RISE, this company recognized that their existing staff – while very good – required new skills and insights to navigate SAP security and compliance in the cloud. They recognized that they needed greater understanding of their roles and responsibilities for security under RISE. This utility company very much wanted a partner who could offer significant SAP security technology capabilities to help them today, deep R&D teams for both threat insights and product innovation to protect them tomorrow, and knowledgeable resources with deep hands-on expertise in guiding large enterprises with security planning and execution for large, multi-year RISE deployments.
Fortunately for this company, they had been partnering with Onapsis for many years to secure their on-premises systems, so they already recognized the value of Onapsis technology for securing their SAP landscape and wanted that to continue in RISE. However, when they learned that Onapsis also offered hands-on RISE experts for enterprises to help augment their staff as they journey to RISE, they quickly realized they could get everything they wanted from their partner that knew both themselves and SAP security the best.
Overall Results
With the help of Onapsis technology, this utility company achieved their goal of building security into their RISE with SAP transformation seamlessly, without interfering with their tight delivery timelines. They expanded their security visibility to their new RISE systems as well as point-in-time vulnerability scanning and continuous monitoring for SAP BTP and SAProuter, while simultaneously protecting their legacy systems as they executed a phased rollout of new systems on RISE. Everything – both legacy on-premises and RISE assets – were all centralized in the Onapsis Platform dashboard which simplified security and compliance for their teams. The research-driven analysis built into the Onapsis Platform paired with efficiencies from security automation helped them eliminate a significant amount of manual processes throughout the project as well as make project decisions much faster, resulting in both better security and greater risk reduction and significant time and cost savings.
By far, the biggest advantage this utility company had during their RISE transition was enlisting the Onapsis RISE experts to augment their existing staff and guide them along the way. From the initial project discussions with SAP through the build phases and go-live, the utility company had SAP-security-focused experts on their team to help them address challenges as they arose, recommend best practices, troubleshoot with GSIs, SAP, and the hyperscale, prevent scope creep, and mitigate or avoid security or compliance project delays.
“In the five years we’ve worked with Onapsis to secure our on-premises systems, we’ve not only experienced the day-to-day value of their technology – cutting our investigation times in half and reducing our mean-time-to- remediate by over 75% – but we’ve come to rely on them as true expert partners in shaping and optimizing our SAP security strategy. We knew we had to have them involved from the start when we began our RISE discussions and their guidance was invaluable, helping us to not only navigate but anticipate potential security and compliance obstacles so we could get ahead of them and avoid unexpected project delays.
The automation and risk-based analysis provided by their solutions made it easy to build security checks into each stage of the product, so we could find and fix things quickly, our teams were aligned, and we were ultimately able to deliver our RISE project on time and on budget.”
VP of Security, Utility Company
Conclusion
With the Onapsis partnership, the utility company saw great success by starting early and building security into their RISE with SAP transformation project. The risk-based analysis, automated processes, and expert guidance provided by Onapsis not only de-risked the project and improved overall security, but also offered significant time and cost savings.
The partnership helped them finish the project ahead of schedule with practically no delays due to security or compliance issues, and they will continue to leverage Onapsis RISE experts and technology to ensure their expanding RISE landscape stays clean and protected.
