Protecting data is among the top priorities of organisations these days as they are moving their operations to the cloud. This is especially true for businesses using SAP systems—software used to manage everything from finance to customer relationships. With sensitive information constantly moving between systems, ensuring that data doesn’t fall into the wrong hands is a challenge many companies are trying to solve.
An experienced professional, Naresh Kumar, has spent years working on exactly that. With a background in SAP security, he helps firms protect their data while keeping their systems operational. He does not only add security tools but focuses on integrating safety into the system from the beginning. He has contributed to setting up secure methods to transfer data within SAP systems, both in the cloud and on company servers. By applying encryption and ensuring these methods comply with privacy regulations like GDPR and HIPAA, he has supported risk reduction across sectors such as healthcare and retail.
He was involved in connecting SAP systems with tools from Microsoft Azure—things like identity management, secure storage, and threat detection. This setup helps companies manage who can access what, and detect any signs of trouble early on.
In another project, Kumar developed a role-based access control system, which means that people can only see or change data if it’s part of their job. This helps reduce the likelihood of mistakes or security breaches. He also worked on updating the way SAP applications are developed and launched, using secure pipelines that shortened deployment time from 10 days to 4—while complying with internal and external security standards.
Discussing his major projects, he mentioned supporting a large healthcare provider’s move to SAP S/4HANA in the cloud. He ensured the setup included secure identity logins and encrypted data transfers, and that it complied with healthcare regulations. He also connected SAP to third-party apps securely and developed monitoring tools so that any issues could be identified and addressed promptly. “By implementing role-based access controls (RBAC), multi-factor authentication (MFA), and continuous vulnerability scans across SAP BTP and S/4HANA, the number of monthly security incidents dropped from over 20 to under 10 in 6 months,” he added.
However, these advancements came with a few challenges. Sharing them, he added, “I have tackled the challenge of ensuring compliance in Multi-Cloud SAP deployments by standardizing cloud security baselines with Infrastructure-as-Code (IaC), allowing for rapid deployment of compliant environments across Azure and SAP BTP. To manage a high volume of false positives from security tools, I have refined security alerting rules in SIEM tools and SAP Cloud ALM and worked with DevSecOps to classify alerts efficiently.”
By adjusting the alerts and helping teams identify relevant issues, he contributed to a 40% reduction in false positives. This gave security teams more time to address actual problems instead of investigating false alarms. Additionally, getting non-technical teams to focus on security was also challenging. This was addressed by organizing training sessions and sharing examples of security incidents. This helped people understand its importance and encouraged them to include safer practices in their daily work.
Looking ahead, industry professionals note that the next step is making security part of the code itself. This approach, known as “Security-as-Code,” means that checks and protections are integrated into the system as it’s being developed, rather than added later. Based on examples from this expert, cloud security involves not just software or firewalls, but also planning, collaboration, and ensuring that every part of the system is developed carefully.
About the Professional
Naresh Kumar Rapolu has over 15 years of experience in SAP Basis, HANA, NetWeaver, and Cloud consulting. He holds an MBA in IT and Marketing from Osmania University and certifications in SAP HANA, ITIL Foundation, and Azure specializations such as Azure Administrator and Data Engineer. Over the years, Rapolu has worked with organizations such as Accenture, IBM India, HCL Technologies, and Mindtree, where he managed SAP implementations, upgrades, database migrations, and cloud solutions for clients including British Petroleum and Unilever.
Currently, he works as a Cloud Architecture Specialist at Infoshare Systems Inc., focusing on SAP BTP, cloud integration, and data management on AWS and Azure. His technical knowledge covers SAP S/4 HANA, BW4 HANA, SAP Fiori, CPI, and databases like Oracle and MS SQL Server. He has managed projects involving performance tuning, system security, and disaster recovery. He continues to support businesses in maintaining their IT systems.
