Managing Customer-Owned Encryption with the New Key Management Service | feat. Sascha Vierlinger

Описание: Niklas Siemer is joined by Sascha Vierlinger, Product Manager for the SAP Key Management service, to unpack customer-owned encryption in cloud environments, and why more organizations want control of the “last layer” of trust: the keys.

They walk through why encryption matters more in the cloud, the difference between SAP-managed and customer-managed keys, and what a modern Key Management Service (KMS) needs to deliver: secure key storage, lifecycle controls (enable/disable/delete), auditability, and operational safeguards such as the four-eyes principle. The conversation also covers the classic “red button” scenario (cutting off access quickly in an emergency) and how SAP’s new KMS is designed as a more scalable, central approach compared to the legacy SAP Data Custodian KMS.

In this episode, you’ll learn:
✅ Why who controls the key is effectively who controls the data (especially in regulated industries).
✅ The three models for key control: Sub-managed keys, Bring Your Own Key (BYOK), and Hold Your Own Key (HYOK).
✅ What “key lifecycle” really means (rotation, disabling, deletion—and the very real risks).
✅ How SAP’s new KMS supports stronger governance with audit logs and multi-party approvals.
✅ What to expect commercially (licensed product + connections) and how this fits with SAP BTP usage.

Chapters:
0:00 - Cold open: “If I remove the key… no one can access my data”
0:21 - Welcome + episode topic
0:38 - Meet the expert: Sascha Vierlinger
1:29 - Why encryption matters more in the cloud
3:03 - SAP-managed keys: what it means for customers
4:57 - Why

Read more about the new Key Management Service. 👉 https://sap.to/6057hdKWU