Dear Samuli and Martin, thank you! However we are still in the 0/1 – yes/no state discussion and I am sure that there are various levels and methods available allowing real mobility and byod. Sure for some users having access to very sensitive areas have to secured by VPN but for the majority is that really necessary? How is SAP granting the users access to SAP HANA Cloud?
Please note that we are living in the era of internet banking and the access to bank account’s doesn’t requires VPN. Of course there is risk but due to the rules it has to be identified, assessed etc. I viewed the “Secutity” space but there are very specific issues treated. Can you advice where to find about many incidents of hacking on SAP (as Samuli wrote). And Marting – good point about the castle approach – we know already that this is giving only the illusion of security. As they are static and there always are weak points intruder may evaluate and prepare the right and smart assault.
Is the NWBC access allowing the intruder to reach something outside the assigned authorizations of particular user?