SAP Data Privacy and Protection

SAP Data Privacy and Protection

SAP Data Privacy and Protection is SAP Analytics Cloud application designed for all SAP customers for monitoring and reporting on access to sensitive data. Solution provides easy to use visualizations, dashboards and detailed reports for data access. Solution can easily guide you to the information who had accessed a given sensitive information (e.g. payroll).

Functionality

  • Data usage monitoring for your SAP system.
  • Automated reporting and alerting triggered by users accessing sensitive data.
  • Single approach covering all SAP systems (access through SAP-GUI, RFC, WS (SAP ECC6, CRM, S/4).
  • Incident management and alerting - validation and monitoring of data usage.
  • Data usage overview dashboard and detail reports.

Benefits

  • On-line and immediate information on data accessed by your SAP Users.
  • All SAP systems covered out-of the box.
  • Automatic identification of non-standard data access.
  • Monitoring and identification of potential fraud behavior.
  • Significant improvement for internal audit processes.

Solution scope

Solution is utilizing Read Access Logs from SAP ERP which are enriched by additional data, translated to user language and transferred to SAP Analytics Cloud for reporting. Solution includes automatic log aggregation and translation feature, so log tables in primary systems are periodically cleaned. The architecture is prepared to include log information from all SAP solutions and thus solution can serve as one-stop shop for all information with regard to sensitive data access. Based on customer decision log data can be only stored on-site and visualized through SAP Analytics Cloud (real time access, no transfer of data to cloud) or fully transferred to SAP Cloud Platform.

Data access monitoring process

Data access logs are uploaded from primary system, each transaction is marked with a data sensitivity level, logs are also enriched by information such as user full name, user department etc. All information about the access to sensitive data are afterwards visualized utilizing SAP Analytics Cloud frontend.

From the top overview dashboard, user can access also deeper analysis, where data access can be analyzed from the perspective of:

  • Sensitive data area
  • User department
  • User role
  • Access time (working / non working hours)
  • Expected / unexpected level of usage

While for each particular usage of data, user can easily find out the full detailed information by simple double-click.