One of the world’s leading athletic performance footwear and apparel manufacturing companies, Under Armour, has recently facilitated its SAP migration with the help of the AWS Professional Services team, shifting its SAP landscape to the cloud.The Baltimore, Maryland-headquartered company, founded in 1996, now boasts $5.6bn of revenue and a 17,500-strong global workforce. Through its migration, the business aimed to modernize and secure its extensive SAP environment in the cloud while minimizing disruption for the growing brand.The company completed the migration of its SAP environments to AWS in 2021, impressively not needing to appoint an outside organization to facilitate the migration. Instead, the company used Under Armour’s designated team with an SAP focus and an AWS Professional Services team working closely alongside them.As part of the migration, the business moved its ERP, supply network collaboration, global trade services, enterprise reporting (BI, BOBJ), integration (PI/ PO, data services), SAP Fiori and solution manager workloads to AWS.Under Armour decided to select AWS as its preferred cloud provider for SAP environments due to its “extensive global cloud infrastructure” as the cloud provider has many regions with three or more Availability Zones. Another factor that impacted the company’s decision was the AWS Professional Services’ availability, which plays the role of speeding up and safeguarding mission-critical migrations, as well as AWS’ comprehensive security services and support of 143 security standards and compliance certifications.Leaning on the migration, Under Armour managed to secure a foundation for improving performance and visibility across its design, merchandizing, planning, manufacturing, supply chain and sales distribution channels.The company’s move to the cloud was facilitated through “a short six-month lift and shift migration project” as detailed at SAPinsider Vegas by Gaurav Singh, SAP cyber security manager at Under Armour. Simultaneously the team made sure they have a policy and a standard for cloud from the get-go and followed the Center for Internet Security (CIS) benchmark.“We created our own kind of business baseline for those services we needed to enable, at least in a six-month period; you can always fine-tune later,” Singh says. “But for the migration project itself, we wanted to make sure our security underscore was at least 90 percent.”As part of their strategy, he details that the team established the principle “Identity is the new perimeter” as they minimized privileges using identity access management (IAM) and role-based access control (RBAC). They then employed single sign-on (SSO) and multifactor authentication and used identity federation and temporary credentials.“One thing we did differently when we wanted to migrate to AWS was saying: ‘We want to make sure we bring the security mindset from GRC [governance, risk and compliance]. And then that cyber mindset and understanding of the policies you have as a company,” Singh explains. “We said security has to be baked into the project, even though it was an aggressive timeline we were running with. So we made sure it was not an afterthought.”The approaches that helped the company adopt a GRC-focused mentality included unifying the organization’s governance and risk management with its technological innovation and adoption, using an enterprise risk management program to predict potential problems, minimize losses and take an SAP-based approach (i.e. User Access Review; Segregation of Duties).)Working to establish a controls process, the team geared up to set up and govern a secure, multi-account AWS environment with an intentional controls process by employing robust AWS account strategy and management process (e.g. Separate Prod AWS Account vs. Non-Prod). Another key action as part of this principle was using AWS Control Tower and Organizations, implementing service control policies (SCPs) and other controls to ensure accounts stay within access control guidelines.Pointing out the value of versatile cloud knowledge across the teams with various expertise, Singh says: “Your security teams should ramp up; they should also have at least some knowledge of AWS. I’m not trying to be an AWS guy, I’m still an SAP security guy. But it does help you if you wear multiple hats, as you have a cybersecurity mindset and cloud security expertise.”As part of its approach, the team then set out to actively monitor threats to ensure ongoing security, especially important for mission-critical systems like SAP - by actively monitoring through Amazon GuardDuty and taking direct action on anomalies. In addition, they also sent Amazon GuardDuty logs to the broader security IT team, providing a holistic view of any threats and “building a squad” to tackle SAP security with a holistic approach.The completion of the AWS migration allowed Under Armour to maintain optimum system performance and minimize downtime and data loss with a cross-region disaster recovery solution that includes 65 servers replicating from one AWS region to another.Following the six-month initiative, Under Armour set out to integrate its SAP environments with AWS’ set of technologies, including analytics, machine learning, compute and storage, with the modernization also bringing a range of AWS capabilities to fuel innovation in areas like 3D apparel and footwear design, digitally connected footwear and apparel, resource-efficient production, direct-to-consumer sales and global wholesale distribution.In other words, Under Armour bolstered its armor to be more secure and agile in the cloud age.
Access exclusive SAP insights, expert marketing strategies, and high-value services including research reports, webinars, and buyers' guides, all designed to boost your campaign ROI by up to 50% within the SAP ecosystem.
Always have access to the latest insights with articles, Q&As, whitepapers, webinars, and podcasts. Gain the inside edge. The SAPinsider Weekly helps you stay SAP savvy. Access exclusive bonus materials, discounts, and more.
This website uses cookies. If you continue to use the site you consent to our use of cookies in accordance with our Cookie Policy.ACCEPTRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
Premium
