Protecting SAP Data Systems to Adhere with GDPR Regulations
The GDPR (General Data Protection Regulation) is a regulation that requires businesses to protect the personal data and privacy of European Union citizens in regards to transactions that occur with any EU data subjects. Most businesses if not all, leverage their data specifically to better understand their customers. Compliance with the GDPR has caused much concern with the new expectations of security systems as well as how these organizations manage their SAP framework.
With the change in regulation and the upcoming enforcement date of May 25th, companies utilizing SAP systems must ensure that their data is secure and safe from the threat of a breach. Within an SAP system lives a vast amount of code and data, which means that companies must constantly be weary of security threats from internal and external audiences. Elevating the risk more so is the possibility of legal fines should a breach within the SAP system occur. There are approximately 320 million lines of code in SAP’s Business Suite alone, leaving substantial vulnerabilities at any given time. According to the GDPR, fines for a breach infraction can cost businesses up to 4 percent of their global revenue, or $20 million Euros.
One challenge businesses face in particular is that even if they’re large enough to have a dedicated internal IT department, their focus remains on tying business operations to IT functions. The notion that most IT staff are information security experts is a widespread misconception, leaving thousands of companies and their millions of customers exposed to everyday security threats. This vulnerability can be costly, as the CISO of a Fortune-500 company once said: "If our company's SAP system is breached, it will cost us $22 million per minute."
Thomas Kastner is the Managing Director and Chief Technology Officer at Virtual Forge GmbH, the leading provider of Cyber Security solutions for SAP systems and applications. He is responsible for the product management and development, consulting services and IT Infrastructure. For more information visit www.VirtualForge.com.