
In this third article in our data security series, Heike Fiedler-Phelps explains the role of GRC in enterprise security. Read the first two installments: #1 and #2.
Amid today’s high-profile cyber attacks, increasing concerns about customer privacy, and evolving cyber threats, enterprise data security has taken center stage. CIOs must be as adept at safeguarding data and systems as they are at keeping the business running. The growing IT to-do list includes constant planning and risk mitigation for:
A quick scan of news headlines confirms that security attacks, non compliance risk, and vulnerabilities can be found at any level of the organization, from operating systems and databases to applications and devices. At one level are annoyances such as auto-emailed viruses; at the other are more sophisticated phishing-style attacks that trick employees into clicking on dangerous links that install malware, steal credentials, or otherwise jeopardize the security of the enterprise.
CIOs are also busy integrating innovations such as cloud computing, mobile technologies, and big data – which increase flexibility, speed, and insights, but can also compromise security. Add to the list a fluid and mobile user base, and the task of securing it all is daunting. How do you secure customer data stored in, and accessed from, the cloud? Safeguard unstructured big data sources? Comply with changing data privacy regulations? Security professionals must be on constant guard, responding dynamically to minimize damage to bottom line or brand reputation.
Managing enterprise security
Where do you start? To address all these challenges, you need a master plan – an overarching approach to enterprise security management that includes governance, risk management, operations, and compliance.
The role of GRC in keeping your organization secure
Governance, risk, and compliance (GRC) solutions support each security management area with systems and processes aimed at improving performance while minimizing risk. For example, access controls help you grant and restrict data access to authorized
personnel, regardless of where the data is located – from the cloud to on-premise databases to mobile applications. GRC solutions play a key role in supporting enterprise security in the era of big data, cloud, and analytics.
Selecting the right GRC solutions
Figuring out which GRC products are right for your needs can be a challenge. Start by asking yourself some questions. Are you thinking about a move to the cloud? Are you starting to tap into big data? What’s working well? What are your areas of risk? What can you do to reduce or eliminate enterprise security risk? How can the SAP GRC portfolio help? Can you expand your current GRC solutions to better address high-level risks?
SAP provides a cohesive and seamless GRC portfolio that helps you set policies and identify risks. With real-time risk detection and monitoring, you can response immediately to eliminate fraud and other threats and better support the business.
To learn more about how SAP security and GRC consulting can help you ensure data governance, risk, and compliance both in the cloud and for big data, visit us online.
If you want to learn more, please visit the SAP Service & Support area at SAPPHIRE NOW 2015 in Orlando.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
2 | |
2 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |