A significant number (86%) of users don’t fully understand the implications of General Data Protection Regulation (GDPR) in relation to their current SAP landscape and future use of SAP, according to new research released today by the UK & Ireland SAP User Group.
Just over half (51%) of users said they had greater concerns around the compliance of their SAP landscape than they did 12 months ago. 53% of users said the emergence and growing use of cloud computing had increased their compliance challenges around SAP, while a further 57% said the same regarding the compliance challenges posed by workforce mobility. Just under half (49%) of users said they had greater concerns around the security of their SAP landscape than they did 12 months ago. When it came to both cloud computing and workforce mobility, 55% of users said their respective growth had contributed to increased security challenges around SAP.
“GDPR is presenting a huge challenge for many organisations and this isn’t just restricted to users of SAP. A failure of organisations to keep data secure and compliant will see them face severe financial penalties, so the issue of GDPR cannot be ignored. With the continued growth of cloud computing and increasingly mobile workforces, it is a challenge for organisations to fully understand where their data is residing and how it is being accessed,” said Brian Froom, Audit, Control and Security SIG Chair, UK & Ireland SAP User Group. “At a time when SAP’s product portfolio is becoming ever more focused on cloud and mobile, it is essential that users fully understand both the technology and its security and compliance implications.”
Nearly-three quarters of users (70%) stated that they found SAP access control a challenge. Overall, 73% of users said that they find it a challenge balancing workforce productivity and flexibility against ensuring their SAP landscape is secure and compliant. Just under half of users (47%) said they are currently using SAP GRC, or a component of it, for the governance, risk and compliance of their SAP landscape. Of those users that aren’t using SAP GRC, 35% said it was ‘too expensive’ and a further 18% said it was ‘too complicated’.
“Many organisations are in a catch-22 situation when it comes to balancing workforce productivity and flexibility against security and compliance. Considering the business-critical nature of SAP it is understandable that access control is an ongoing challenge,” said Brian Froom. “Our Securing Your Systems in the Digital World event is aimed at helping users address the challenges they may be facing when it comes to security and compliance. As part of the event we will have a dedicated track focused specifically on GDPR. Working closely with SAP, we will be providing users with the insight and best practice they need to ensure their GRC practices meet the demands of today’s digital world.”
Simon Niesler, Chief Operating Officer, SAP UK & Ireland commented; “We appreciate customer concerns about the implications of GDPR. The more bureaucracy and complexity you have in your business segment, the harder it is to grow quickly, and speed is what matters today. This is why we want to work closely with our customers to ensure they have the right technology infrastructure in place that meets both local and global legislative needs. There may be local regulations, but we need these issues solved on a global basis, and SAP is working with the international community on behalf of its customers and partners to do so.”