Detecting and Alerting GDPR Data Breaches in SAP
If you process people’s personal data in the context of selling goods or services to citizens within the EU then, from May 25th 2018, you will need to comply with the new GDPR directive.
Therefore, any data within your SAP systems that can be used to directly or indirectly identify a person will therefore need to be appropriately protected. This includes names, photos, email addresses, bank details, posts on social networking websites, medical, genetic, mental, cultural, and economic information .
Under GDPR, any breach of data protection must be reported to the Information Commissioner’s Office within 72 hours which means that an automated method for detecting, reporting and responding to data breaches will be crucial to ensuring compliance
ProfileTailor™ Dynamics can provide a pivotal role in detecting serious security threats within your SAP landscape including detecting access and theft of sensitive personal data, fraud and cyber attack.
ProfileTailor™ Dynamics continuously monitors your SAP landscape at a keystroke level and will trigger alerts if it detects any high risk activity or undesirable behaviour.
This means that any personal data residing within your SAP tables can be specifically monitored for access regardless of whether the access attempt is via standard transactions codes or direct table access.
ProfileTailor™ Dynamics is delivered with an extremely powerful workflow automation engine that can react to any events that triggered. Therefore, as well as sending an immediate alert upon detecting a potential breach, it can also trigger an audited workflow process to start to ensure that your organisation follows and completes the correct investigation and ICO reporting requirements.
ProfileTailor™ Dynamics can also provide the same levels of detection and alerting within your Active Directory environment. Sensitive servers, folders and files can be monitored for unauthorized access attempts and unusual access behaviour