​SAP denies backdoors, defends its software used in government

SAP says its government customers around the world can do with its software as they see fit, but that the company doesn't place backdoors in any of its products.

SAP has denied claims in recent media reports that could raise questions over the security of the company's products.

SAP said on Friday that recent reporting about the company regarding its in-memory platform HANA and its work with the National Security Agency are "misleading and flawed".

Several recent reports in German media drew attention to SAP subsidiaries' roles as key suppliers of software that supports US security agencies' mass surveillance capabilities. These included SAP's US subsidiary, SAP NS2, which serves US government customers, as well as Inxight, a company that Business Objects acquired in 2007 just before SAP acquired it.

Read this

SAP vs. Oracle: Let's play dueling BS banjos

The two most recent earnings conference calls with Oracle and SAP featured a heavy dose of smack talk that doesn't quite add up. Oracle and SAP do share a common obsession, though: Workday.

Read More

The reports claimed US agencies would be interested in SAP's HANA software because it could process large volumes of data - exactly the type that would be collected in mass surveillance systems. Meanwhile, SAP's acquisition of Sybase in 2010 made it a key supplier to the NSA.

Responding to the reports, SAP's CEO Bill McDermott said in a statement that the company releases standard software and that customers decide how to use it.

"The subsidiaries we have created to work with governmental organizations in the US and elsewhere are independently managed and are reviewed by independent external auditors. Claims that this setup allows access to customer data are false," he said.

The CEO added that the company does not include backdoors in its products.

"In addition, there are no so-called 'backdoors' built into SAP software and customer data cannot be retrieved externally. No company is more committed to data privacy and security than SAP," he said.

The CEO also made no apologies for supplying software to government agencies.

"When we talk about business challenges, few are as significant as public service and public safety. It is unquestionably within our interest to offer software to public agencies as they look to improve outcomes through innovation. Technology is one of the means to ensure our safety and to protect people's lives," said McDermott.

Read more on SAP