View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
June 9, 2017

Cloud & workforce mobility give SAP users a GDPR headache

Security concerns are on the rise as many SAP users are unaware of the implications of GDPR for them.

By James Nunns

The majority of SAP users are uncertain how their use of the company’s products will be impacted by the implementation of the General Data Protection Regulation (GDPR).

A survey of UK users by the UK & Ireland SAP User Group found that 86% don’t fully understand the implications of GDPR with regard to their current SAP landscape and the future of the products.

Concerns regarding compliance are on the rise with 51% saying they have greater concerns now than they did 12 months ago, while 53% of users said that the emergence and growing use of cloud computing had increased their compliance challenges around SAP., a further 57% said the same regarding the compliance challenges posed by workforce mobility.

Concern is also increasing regarding the security of their SAP landscape (49%).

Read more: SAP goes multicloud with Azure, AWS & Google

“GDPR is presenting a huge challenge for many organisations and this isn’t just restricted to users of SAP. A failure of organisations to keep data secure and compliant will see them face severe financial penalties, so the issue of GDPR cannot be ignored. With the continued growth of cloud computing and increasingly mobile workforces, it is a challenge for organisations to fully understand where their data is residing and how it is being accessed,” said Brian Froom, Audit, Control and Security SIG Chair, UK & Ireland SAP User Group.

“At a time when SAP’s product portfolio is becoming ever more focused on cloud and mobile, it is essential that users fully understand both the technology and its security and compliance implications.” SAP GRC

The concerns for SAP users doesn’t end there, with 70% stating that they found the company’s access control a challenge and 73% saying that they find it a challenge to balance workforce productivity and flexibility against ensuring the security and compliance of their SAP landscape.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

SAP does offer GRC, which is designed to automate access control and enforce governance, however, while 47% are using it many aren’t. Those those aren’t using SAP GRC said it was too expensive (35%), and too complicated (18%).

Read more: SAP accelerates S/4 HANA cloud adoption

Simon Niesler, COO, SAP UK & Ireland said; “We appreciate customer concerns about the implications of GDPR. The more bureaucracy and complexity you have in your business segment, the harder it is to grow quickly, and speed is what matters today. This is why we want to work closely with our customers to ensure they have the right technology infrastructure in place that meets both local and global legislative needs.

“There may be local regulations, but we need these issues solved on a global basis, and SAP is working with the international community on behalf of its customers and partners to do so.”

The survey questioned 102 SAP user organisations in the UK & Ireland.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.