Human Capital Management Blog Posts by SAP
Get insider info on SAP SuccessFactors HCM suite for core HR and payroll, time and attendance, talent management, employee experience management, and more in this SAP blog.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Principles to Practice: Securing SAP Business AI

Jana_Cyber
Product and Topic Expert
Product and Topic Expert
3 weeks ago
742

Introduction

When it comes to SAP Business AI, security is not just about protecting models and data — it is about building trust at every layer of the system. In this blog, we will explore how we bring Responsible AI principles into practice in the real world. From orchestration services and secure authentication flows to strong authorization frameworks, API security, and robust data protection, we will delve into the building blocks that keep AI systems resilient, ethical, and enterprise ready. To make sense of this complex ecosystem, I have created the Periodic Table of SAP Business AI and briefly explained each of its pillars.

Periodic Table of Security and Compliance in SAP Business AI

  1. Running SAP Business AI — including our AI co-pilot, Joule — in a secure and responsible way starts with a strong, multi-layered security strategy. At the heart of it is Responsible AI (shown in purple on our table), reflecting SAP’s commitment to ethical use, compliance with regulations like the EU AI Act and NIST Cybersecurity Framework, and thorough internal reviews of AI use cases.
  2. Building upon this are robust AI Technical Security measures (represented in green), including secure authentication and authorization via SAP Cloud Identity Services (IAS/IPS) with Principal Propagation, strict secure data handling protocols preventing the use of customer data for third-party LLM training or long-term retention, and regularly audited encryption and access controls.
  3. The secure infrastructure/platform is provided by Cloud Security (the dark blue elements), operating on a shared responsibility model and featuring multi-regional cloud deployment, platform security, Risk and Threat Management Security Monitoring, DDoS mitigation, and compliance with global standards like ISO 27001, SOC 2, and C5.
  4. Enhancing safety AI and Data Privacy (Orchestration Services, the blue section) are key capabilities like Data Masking to protect sensitive information, Content Filtering to block unwanted content, and Grounding (leveraging secure data sources like RAG) to minimize AI hallucinations. Our periodic table visually encapsulates this multi-faceted approach to securing SAP's Business AI innovations.

Figure 1: Periodic Table of Security and Compliance in SAP Business AIFigure 1: Periodic Table of Security and Compliance in SAP Business AI

 

Orchestration Services:

Orchestration Services, is a key component of the SAP AI Core and Generative AI Hub, are specifically designed to address Responsible AI requirements. They act as a secure and safety AI pipeline, ensuring that interactions with LLMs adhere to ethical AI principles and regulatory standards.

These services go beyond simple LLM access, providing a suite of essential functionalities that enable the creation of powerful, yet controlled, AI workflows without extensive coding. A core function is the ability to process and refine data before it ever interacts with the LLM, allowing for crucial security and compliance measures to be applied upfront.

Figure 2: Orchestration ServiceFigure 2: Orchestration Service Here’s how Orchestration Services achieve this:

  • Grounding for Trust and Accuracy (with Secure Data): To mitigate the risk of AI "hallucinations" and enhance reliability, Orchestration Services implement Grounding. This process leverages a customer's own secure knowledge sources – think internal policy documents or product specifications – to augment the LLM's knowledge. By grounding AI responses in trusted, internal data (often through Retrieval-Augmented Generation or RAG), organizations can ensure greater accuracy and build user confidence through source attribution.
  • Data Masking for Privacy Protection: Compliance with data privacy regulations is non-negotiable. Orchestration Services address this through Data Masking. Before a user query or sensitive business information is sent to an LLM, this module can perform masking, anonymize or pseudonymize personal data. This ensures that privacy is protected while still allowing the LLM to generate useful and contextually relevant responses and can also help in mitigating certain types of bias in AI outputs.
  • Content Filtering for Safe and Ethical Use: Maintaining a safe and ethical AI environment is critical. The Content Filtering capabilities within Orchestration Services act as a vital safeguard. By screening both user inputs and LLM outputs for undesirable content (such as hate speech, violence, or sexually explicit material), organizations can enforce acceptable use policies and prevent the deployment of AI for harmful purposes. This filtering can occur at multiple levels, both within the Orchestration Service and at the model provider level.
  • Prompt Templating for Controlled Interactions: Orchestration Services also provide Prompt Templating, which allows for the creation of standardized query structures. This not only ensures consistency in AI interactions but also enables the embedding of instructions related to content safety and desired response formats, providing another layer of control over LLM behavior.

Reference: Orchestration Workflow

AI Technical Security:

Authentication and Authorization

Joule is an AI assistant built into SAP’s cloud applications enabling users to interact with business systems through natural, conversational language. It runs on SAP Business Technology Platform (SAP BTP) and uses SAP Cloud Identity Services for authentication—specifically Identity Authentication Service (IAS) and Identity Provisioning Service (IPS). IAS handles user logins and integrates with both SAP and company identity providers using OpenID Connect (OIDC). When users access Joule through an SAP application, they’re authenticated via IAS, and single sign-on is supported through browser cookies—requiring proper domain setup for consistency. Joule uses the standard SAP BTP login flow with a security token (JWT) to verify the user’s identity.

Joule doesn’t have its own permission system; instead, it relies on the existing role-based access controls in the SAP applications it’s integrated with. It accesses backend data using a method called principal propagation, which allows it to act on behalf of the user while respecting their existing permissions. IPS helps replicate user roles so that Joule only shows relevant features. Joule, when used with SAP SuccessFactors, is built with a strong focus on data protection and privacy. All business-critical and personal data remains within the customer’s own SAP SuccessFactors tenancy, ensuring tenant-level data isolation and control. Joule accesses this data only during authenticated sessions via OAuth 2.0, and no customer data is stored within Joule itself. Communication between Joule and SAP SuccessFactors is encrypted using TLS 1.2 or higher, and only log data—fully encrypted and hashed persisted temporarily. To further ensure Safety AI, SAP applies content filtering to user prompts query before they are sent to third-party large language models (LLMs). These third-party LLMs do not store, retain, or train on customer data. All access to LLMs is managed through secure, standardized APIs, and operates within a tightly controlled, authenticated session.

Figure 3: Joule Security Architecture and ControlFigure 3: Joule Security Architecture and Control

 

Additional technical controls are as follows:

  • Role-based access: Joule uses your existing SAP permissions to control what data you can access.
  • Trusted answers: Responses are grounded in real documents like HR policies to ensure accuracy.
  • Privacy protection:
    • Data is encrypted in transit (while moving between systems) and at rest (when stored).
    • Business data remains securely stored within the original cloud applications, such as SAP SuccessFactors and SAP S/4HANA Cloud, not in Joule itself.
  • Reduced AI errors: Grounding helps prevent the AI from generating incorrect or irrelevant information.
  • Secure infrastructure: Runs on SAP BTP with built-in controls for data security and identity management.
  • Upcoming tech: SAP is adopting the HANA Vector Engine to securely store and retrieve document embeddings.
  • Compliance & ethics: Joule is developed using secure coding practices, AI ethics guidelines, and follows industry regulations for data handling.

SAP Cloud Security

To ensure the highest levels of trust, privacy, and compliance, SAP implements a comprehensive security framework across its cloud platforms. This framework includes proactive testing, strict governance, and robust technical controls to protect customer data and maintain the integrity of AI-driven services like Joule. Key security measures include:

  • Red Teaming & Penetration Testing: SAP conducts regular hacking simulations and regular scanning to proactively identify and fix vulnerabilities.
  • Third-Party LLM Risk Assessment: All large language model (LLM) integrations from external providers undergo strict risk assessments, performance and benchmark testing to ensure compliance with SAP’s security, privacy, and ethical standards.
  • Contractual Assurance: Comprehensive contractual assurance, Service Level Agreement, Data Processing Agreement and General Terms and Conditions and SAP AI terms
  • AI Ethics & Policy Governance: SAP follows internal AI ethics guidelines and governance frameworks to ensure responsible AI development and usage.
  • Secure Development Lifecycle: Security is built into every stage of the software development process through code reviews, automated checks, and threat modeling.
  • Security Monitoring & Incident Response: Continuous monitoring and dedicated response teams help detect, investigate, and respond to threats quickly.
  • Access Controls: Role-based access, logging, and privileged identity management
  • Compliance with Global Standards: SAP maintains standard attestation and certifications (e.g., ISO 27001, SOC) to protect customer data and aligns with global regulations (such as EU AI Act, GDPR).
  • Tenant Isolation: Customer environments are logically separated to prevent unauthorized cross-access in multi-tenant cloud systems.

 

Responsible AI

At SAP, Responsible AI means building and using AI in a way that is ethical, secure, and trustworthy. This includes respecting privacy, ensuring fairness, and following global regulations like the EU AI Act and NIST standards. SAP’s AI systems are designed with human oversight, transparency, and safety in mind. Principles such as “Do No Harm,” fairness, data protection, and accountability guide how AI is developed and used across our products.

To enforce these principles, SAP has a robust governance structure that includes the AI Ethics Steering Committee, AI Ethics Advisory Panel, High-Risk Use-Case Review Committee, and the SAP AI Ethics Office. Each AI use case is ethically evaluated and classified into Minimal/No Risk, High Risk, or Red Line (prohibited) categories. Red Line cases—like surveillance or discriminatory AI—are immediately stopped. High-risk cases undergo additional scrutiny and require approval before proceeding. Ethical oversight is integrated into the full AI system lifecycle, from design to deployment, and includes ongoing monitoring. You can refer to SAP AI Ethics Handbook for more details.

From principle to practice, these Responsible AI practices are embedded across SAP offerings such as SAP Business AI and Joule, and technical safeguards like Authentication, Authorization, API Security, Retrieval-Augmented Generation (RAGE), grounding, content filters (input and output), and data masking. SAP’s approach also aligns with global standards and regulations, including the EU AI Act, NIST frameworks, ISO standards, ensuring that its AI systems are not only innovative but trustworthy and compliant by design.

Conclusion

SAP Business AI prioritizes security and ethics at its core. By integrating Responsible AI principles into every layer, from foundational infrastructure to user-facing tools like Joule. SAP delivers AI solutions that are not just powerful and scalable, but inherently trustworthy, compliant, and safe. The Periodic Table of SAP Business AI is an attempt to visually articulates this comprehensive strategy, demonstrating the synergy between technical safeguards, ethical governance, and regulatory adherence in safeguarding data, users, and results. In the fast-moving world of AI, SAP shows that real innovation works best when it’s built on integrity, responsibility and safety.

Disclaimer:

 © 2025 SAP SE or an SAP affiliate company. All rights reserved. See Legal Notice on www.sap.com/legal-notice for use terms, disclaimers, disclosures, or restrictions related to SAP Materials for general audiences.

(Jana Subramanian serves as APJ Principal Cybersecurity and Compliance Advisor and has been recognized as a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals (IAPP). As part of his responsibilities, Jana helps with strategic customer engagements related to topics such as Cybersecurity, AI Security, Data Privacy and Regulatory Compliance.)

 

 

Popular Blog Posts