November 27, 2020

min read

Securing SAP SuccessFactors – Protecting Human Capital

It goes without saying that your own organization’s most strategic cloud application is the most important one when it comes to ensuring proper data protection.

However, some clouds are different than others. Many of the programs that we run here at Lookout, and a large number of our customers’ environments, focus heavily on protecting their customers’ information, or their sensitive intellectual property. We spend a lot of time covering processes such as ensuring that employees don’t mistakenly transmit protected information such as PII and PHI, or product plans, within the scope of ongoing cloud-based email and collaboration.

Within the context of the global pandemic, as the remote workforce continues to swell, this has been an extremely relevant topic as well as a significant driver for additional uptake of our Lookout CASB platform.

Yet, some cloud apps are inherently different. It’s not to say that protecting the PII and PHI of your own employees and co-workers is more important than defending anything related to customers or business operations. At the same time, it is hugely vital to maintaining internal processes, and perpetuating organizational morale, to protect these unique assets to the max.

That’s where this week’s campaign on protecting SAP SuccessFactors comes in. We’ve spent a lot of time speaking to new and existing customers alike about this very topic of late. SuccessFactors is clearly revolutionizing the world of “HR” or what has now evolved into the paradigm of Human Capital Management (HCM) and we’re running into related opportunities all over the place.

In this week’s webcast, weI explored “The Top Seven Tips for Securing SAP SuccessFactors” – covering a range of related best practices, from understanding just whom precisely is allowed to access and handle data in the application – which itself spans everything from employee payroll records to internal success plans, and beyond – to detecting potential malware threats.

The whole conversation is uniquely compelling from the standpoint that cloud HCM is a massively powerful platform in and of itself in terms of enabling businesses to accelerate their operations and engage further in digital transformation. And the notion of protecting the sensitive details of your co-workers and even their families really strikes home. If we can’t successfully protect that data, who’s information can we be expected to handle?

For our part, Lookout’s approach is about extending and building on the significant security controls already built into SuccessFactors, from access controls all the way to encryption. While the application’s onboard security capabilities are robust, we’ve found that enterprises require additional help with areas including:

  • Maintaining continuous visibility into applications usage
  • Controlling access from trusted locations and devices
  • Maintaining optimized protection wherever data travels
  • Enforcing policies to ensure compliance [ex. GDPR]
  • Encrypting any protected data with full key control
  • Detecting threats including malware and compromises
  • Performing context-driven forensic investigation

And those capabilities represent precisely the requirements that our SAP SuccessFactors customers have turned to Lookout CASB to address, typically spanning a number of these areas and seeking a solution to address them in an integrated fashion. Then there’s the not-so-small matter of maintaining many different types of cloud apps in a centralized manner – the elephant in the room for any of these individual cloud apps security conversations.

To learn more about how Lookout can secure your SuccessFactors modules, check out the Lookout CASB solution.