• / Free eNewsletters & Magazine
  • / My Account
Home>Onapsis Helps Organizations Map SAP Data to GDPR Compliance Requirements

Onapsis Helps Organizations Map SAP Data to GDPR Compliance Requirements

Onapsis Helps Organizations Map SAP Data to GDPR Compliance Requirements

09/21/2017

Onapsis Helps Organizations Map SAP Data to GDPR Compliance Requirements

Leading industry experts publish extensive guide to help organizations understand how to find GDPR-relevant data in their SAP systems and ensure it is compliant and secure

Onapsis, the global experts in SAP and Oracle application cybersecurity and compliance, today released “SAP and GDPR: Keeping Your Organization Ahead of the Upcoming EU Law.” With the GDPR enforcement date of May 2018 and steep fines of up to 4% of profit or €20 million looming, organizations are still struggling to understand this policy and how they will adhere to it. This guide aims to provide SAP customers an overview of GDPR, how it affects them and how they can begin a plan to become compliant.

Research conducted by the UK & Ireland SAP User Group shows 86% of SAP users do not fully understand how GDPR will affect their SAP landscapes and how to reach compliance. It is almost certain GDPR will have an impact, in some way or another, on any company large enough to have chosen SAP, which touches many aspects of the business. In fact, almost every SAP system includes GDPR's core element: personal data.

“SAP and GDPR: Keeping Your Organization Ahead of the Upcoming EU Law” will take a deep dive into how these mandates affect SAP specifically. It examines the types of personal data and where it may be stored in the SAP human capital management system, as well as other “infotypes” to consider including customer data, vendor data, partners, credit cards and user administration.

“At Onapsis we have received numerous questions and requests from our customers who are wondering if SAP needs to be included in their GDPR readiness plans. The truth is, SAP handles many different types of personal data, ranging from customers and employees to partners, and should absolutely be considered when organizations are dealing with compliance mandates. In fact, these companies are finding that gearing up for GDPR will not be a mere tweak of the current company privacy policy but rather a complete overhaul of existing business processes. With help from our customers we have been able to build specific GDPR compliance checks into the Onapsis Security Platform to allow for a quicker and more automated way to check if their SAP landscapes are in compliance,” said Alex Horan, Director of Product Management, Onapsis.

Sebastian Bortnik, Head of Research, Onapsis, adds, “With the growing trend in cyberattacks targeting SAP applications, most organizations are moving past relying completely on roles and profiles (SoD) and GRC for their security management and adopting a more complete security strategy. For any organization that has done a vulnerability analysis or truly identified where the key personnel or employee information rests in SAP, they know already that GDPR is relevant to these systems. The goal of this guide is to show SAP customers where they can look in their SAP implementations to discover if the data is there and the steps they can take to not just ensure compliance, but secure this data from inside and outside threats.”

SAP and GDPR: Keeping Your Organization Ahead of the Upcoming EU Law” is now available for download.

©2017 Morningstar Advisor. All right reserved.