Two independent studies have shown that the awareness regarding SAP security has tightened up over the past 12 months SAP users of the DACH countries as well as the SAP user group United Kingdom and Ireland see the necessity to spring into action and better protect their systems.
The UKI SUG (UK & Ireland SAP User Group) has published a study regarding SAP security based on statements of 112 SAP users last April. A similar survey has been carried out by IT-Onlinemagazin.de (results available - German only) in spring 2017 (you can read our detailed article on this subject here (German only). Around 109 SAP customers took part in it. UKI SUG found that 51 percent of the participants stated that their security concerns grew in comparison to the previous year. 66 percent of SAP users of the DACH countries also voice a higher awareness for the subject.
Both studies come to the conclusion that the new General Data Protection Regulation (GDPR) provides increasing relevance to the subject compliance. 51 percent of the UKI SUG surveyed confirm this statement. 53 percent state that the challenges to ensure compliance have grown, especially when considering that 81 percent cannot fully assess the impact of the new legislation on the SAP landscape. According to IT-Onlinemagazin, 63 percent are not capable of fulfilling compliance requirements which is why the investment in the area of SAP security is mostly affected by internal complaince guidelines.
While the SAP users surveyed by IT-Onlinemagazin are stating that one of the main activities they focus on at the moment are the securing of roles and responsibilities, 70 percent of the participants of UKI SUG state that the implementation of access control poses a huge challenge for them.
An alarming realization of IT-Onlinemagazin is that 74 percent state that their security infrastructure is outdated and has to be renewed. Only 42 percent continuously check codes, add-ons as well as 3rd-party products.
Author: Caroline Neuber, Virtual Forge GmbH