#Privacy: 69% of SAP users believe SAP projects do not prioritise IT security

Research has revealed that organisations are not fully equipped to manage risk, but have a growing appetite for “security by design”. 

The SAP Security Research Report by Turnkey Consulting, found that over two thirds (68.8%) of SAP users believe that their organisations put insufficient focus on IT security during previous SAP implementations. 

Over a half (53.4%) of SAP users indicated that it is “very common” for SAP security flaws to be unidentified during the audit process.

The report also uncovered that the majority of respondents were not fully equipped to manage risks, to which 20.8% felt most businesses did not have the skills and tools to effectively secure their SAP applications and environment, whilst 64.3% stated they only had some skills and tools. 

In regards to specific concerns, nine out of 10 (93.2%) respondents thought it was likely that an SAP audit would flag Access Management issues. 

However, the research also showed a growing awareness of the security challenges faced by today’s enterprise, with the adoption of ‘security by design’ regarded as a solution. 74.0% expect IT security to take greater priority in future SAP deployments, with 89.6% agreeing that security specialists should be brought on board to support their SAP S/4 HANA transformation programmes.

Richard Hunt, managing director at Turnkey Consulting, said:  “The findings of this survey mirror our day-to-day experiences; SAP security is often an afterthought on SAP deployments, with the result that not enough time and resource is allocated to the essential security activities that need to take place throughout the project.”

“However it is encouraging to see that boardroom awareness is growing as the general business environment becomes increasingly focused on compliance, data protection and cyber security. This understanding will drive organisations to take the critical step of designing security into implementations from day one.”


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.