Digital Sovereignty for SAP Applications: Why SUSE is Your Trusted Partner

If you have read the blog posts from my colleague Ton Musters, you are probably familiar with SUSE’s position on open sovereign IT and how to get started on your Open Sovereign IT journey. 

Digital Sovereignty is an increasingly important consideration for SAP customers, and I want to show you how you can apply some of these Digital Sovereignty principles to your SAP landscapes.

Digital Sovereignty and SAP applications

According to SAP, SAP customers generate 84% of total global commerce, with 98 of the 100 largest companies in the world relying on SAP applications to power their operations. 

SAP offers packaged solutions for 26 industries and 12 lines of business in the cloud, on-premises, and hybrid. 

To put this into perspective, eight out of ten commercial transactions that are made, are processed by an SAP system. As you can imagine, that means a large quantity of potentially sensitive data is being processed through an SAP system at any one point in time.

It comes as no surprise that Digital Sovereignty is top-of-mind and a great responsibility for most of our SAP customers. As you probably notice, any failure in mitigating geopolitical risks, or gaps in the resiliency of their IT architecture, can be catastrophic to the business on a global scale. 

Considerations for SAP Customers on Your Digital Sovereignty Journey

Open by Design, Sovereign by Choice

The Challenge for SAP Customers: In today’s complex geopolitical landscape, SAP customers face increasing pressure to maintain control over their data, operations, and technology in the face of evolving global regulations and supply chain risks. 

Recent research indicates that over 80% of organizations in Europe are actively adopting or planning to adopt sovereign cloud solutions by the end of 2025, driven by a need to protect digital operations from volatility and ensure full control over sensitive data. Many organizations, particularly in regulated industries, struggle with a lack of transparency regarding data location and jurisdiction, with only 35% of surveyed IT leaders having complete knowledge of where their data is hosted. This can lead to significant compliance risks and a perceived loss of control.

SUSE’s Solution: Open source technologies is at the core of what we do, and our SAP solutions are no different. This “open by design, sovereign by choice” philosophy provides SAP customers with much more transparency and flexibility to help them comply with evolving regulatory requirements and adapt to fast-changing business needs. 

SUSE’s decades-long commitment to choice, security, and compliance helps you work towards addressing your Digital Sovereignty needs.  For example, SUSE has recently introduced SUSE Sovereign Premium Support, a service rolled out in the EU to start with, with named, EU-based support personnel offering a service designed to help our customers meet the operational resilience requirements that are becoming more and more of a priority within the European Union.

Software Supply Chain Security and Security Certifications

The Challenge for SAP Customers: The increasing complexity of software supply chains presents a significant cybersecurity challenge for SAP customers. The global cost of software supply chain cyberattacks to businesses is projected to exceed $80.6 billion annually by 2026, a 76% increase from 2023. 

Organizations are increasingly dependent on third-party components, which can create grave threats to data and system functionality. A major risk highlighted is the lack of visibility into vulnerable or outdated components, making it difficult to detect and mitigate threats effectively.

SUSE’s Solution: SUSE Linux Enterprise for SAP applications is not only the leading platform to run SAP applications on Linux, but also a unique solution with high levels of Software Supply Chain Security and Security Certifications. It is accredited by prestigious certification organizations worldwide, like NIST and the Common Criteria Recognition Arrangement (CCRA), achieving certifications such as Common Criteria EAL4+, the highest level attainable for an open source operating system.

This level of certification provides SAP customers with assurance of high standards in our product delivery process and tight alignment with local regulatory requirements. SUSE’s internal processes for securing the software supply chain, including adherence to standards like SLSA (Supply-chain Levels for Software Artifacts), further help protect customers from security risks and vulnerabilities, ensuring the integrity of the software from development to deployment.

Digital Sovereignty Doesn’t Mean Losing Flexibility

The Challenge for SAP Customers: While digital sovereignty is a clear imperative, many SAP customers worry that stricter controls and localized data requirements might lead to a loss of operational flexibility, especially in hybrid or multi-cloud environments. Enterprises need to leverage cloud benefits like scalability while maintaining stringent control over sensitive data.

SUSE’s Solution: SUSE’s SAP solutions were created for a hybrid world and are designed to be platform-agnostic, providing the same experience and functionalities wherever customers run their SAP applications – whether on-premises, in a single cloud, or across multiple cloud providers. 

Technologies such as Confidential Computing allow SAP customers to implement Zero-Trust security even in environments they don’t fully control. Confidential computing enables you to encrypt data even while it is being processed, making it harder for malicious parties to access sensitive information. This ensures stringent data access control while maintaining the flexibility offered by the cloud, something that’s needed in highly regulated industries. 

Hybrid cloud solutions, like SAP’s Edge Integration Cell deployed on SUSE Rancher for SAP applications, allow SAP customers to control where their data is processed without sacrificing the flexibility of managing and configuring their workflows on the SAP Integration Suite interface in the cloud. 

SUSE Rancher for SAP applications is a tailored platform for SAP containerized workloads, enabling scalable hybrid-cloud deployments, enterprise-grade security, and vastly reduced complexity to accelerate SAP cloud adoption.

Customers can still extend their SAP hybrid cloud solutions with SUSE AI – a cloud-native extensible AI platform with open source principles that foster collaboration and choice – maintaining complete control over their data, while taking the advantages of AI. This was the strategy chosen by the FIS Group, a German independent service provider specializing in SAP projects, to build trusted AI solutions for their SAP customers.

If for you digital sovereignty is a new topic, check out the resources that we’ve compiled for around this topic.