Fraud and Compliance

Finding Security in Data Intelligence and the Cloud

Christopher Juneau |

There¡¯s immense excitement today about how artificial intelligence (AI), the cloud, and advanced data analytics will transform the way that organizations manage and optimize their travel and expense (T&E) operations.

Yet, that enthusiasm is also tempered by some apprehension. Seven in 10 decision-makers (72%) say they¡¯re concerned about personal and company data security, according to a recent SAP ÂÜÀòÊÓƵ-commissioned survey with Forrester. While modern spend management solutions can help make T&E more responsive and agile, they can also introduce new challenges around security and data protection if a mindful approach is not taken from the beginning.

SAP ÂÜÀòÊÓƵ has incorporated AI and machine learning technology into its spend management solutions for nearly a decade. Three words have guided our strategy since day one: relevant, reliable, and responsible. We employ this technology in a way that protects our customers, including barring it from using customer data to train the model for use outside of their organization. We are actively and intentionally taking steps to proactively protect our customers¡¯ data and security.

Looking for more specifics? Here are just a few ways that SAP ÂÜÀòÊÓƵ embeds security and privacy into every solution we deliver, while enabling our customers to make the most of data intelligence and the cloud.

Hybrid Security Measures

The shift to hybrid and remote work has unlocked productivity and brought more work-life balance to employees. At the same time, it¡¯s also introduced new complexities and security challenges for organizations. Expanding the definition of the workplace to include the home office, the hotel lobby, the coffee shop, and other makeshift working environments can increase risk¡ªif the right security measures are not in place.

As a company deeply rooted in the T&E landscape, we are well versed in ensuring the solutions we offer are secure regardless of location, since our customers can be in the office one day and on a plane the next. We understand that organizations need T&E solutions that empower everyone to thrive in the hybrid working environment while ensuring compliance. In fact, 71% of surveyed decision-makers say that increased security and data protection is the top benefit of implementing a modern T&E solution.

For example, whether customers are working remotely or in office, we¡¯ve instituted secure options for logging into our tools. Customers can choose to log in with single-sign on (SSO) initiated by an identity provider (IdP) or with a username and password¡ªwith two-factor authentication coming soon for those who choose the latter. We enable companies to customize according to their preferences and security policies (e.g., making SSO optional). We¡¯ve also put safeguards in place to automatically alert managers of profile changes, such as when a user¡¯s email address is updated.

End-to-End Privacy Controls

In recent years, there has been growing scrutiny into how technology companies collect, process, protect, and use the personal data of their customers. The rise of AI systems, trained on massive stores of data, have only further heighted those concerns.

SAP ÂÜÀòÊÓƵ upholds the importance of implementing safeguards that protect our users¡¯ data, which is why we¡¯ve embedded data protection functionality and privacy features into all our products and services, including data masking and data encryption. Our Data Privacy and Protection team evaluates and must approve every use case leveraging customer data. We are compliant with all personal data protection regulations in place, such as the General Data Protection Regulation (GDPR). We also make use of robust application programming interfaces (APIs) and secure file transfer protocols (SFTPs), more secure methods of transferring and integrating data than manual imports and exports.

This approach extends to how we develop, deploy, and use AI systems. In 2022, SAP published its Ethics Policy, which defines our approach to AI development in alignment with our organizational values, such as our commitment to developing systems that do not de-anonymize already anonymized data.

Modern, Robust Data Security

Ensuring our customer data is safe and maintains the highest security standards is a top priority. As more organizations move increasing amounts of data into the cloud, security has become more critical than ever to ensure that data remains private and bad actors never gain access. This is exceptionally true for T&E platforms, which handle large amounts of personal identifiable information. Strict data security standards must come built in.

To that end, SAP ÂÜÀòÊÓƵ has used industry standards and compliance and regulatory requirements to build a robust security foundation. We back this up by offering System and Organization Controls (SOC) reports to give organizations insights into the effectiveness of internal control systems implemented within cloud delivery units.

In addition, we¡¯re audited regularly for compliance with the leading global standards of security and service management, assuring our customers that we maintain data confidentiality, integrity, and availability at all times. The written results of many of these audits are available on request.

A New Era for Data Intelligence and the Cloud

With the right approach, modern spend management solutions can alleviate any security and data protection woes, allowing organizations to focus on moving their teams forward, not stressing over whether their data is protected. And SAP ÂÜÀòÊÓƵ is leading the charge.

Learn more about how SAP ÂÜÀòÊÓƵ builds, runs, and maintains secure operations for our customers by clicking here.

Fraud and Compliance
In every crisis there are people who can take advantage of the situation While we want to assume positive intent we must acknowledge that we are working often in wholly new...
Keep reading
Fraud and Compliance
Finance has always been at the forefront of the digital revolution No really Finance teams are some of the first ones that began using a graphical user interface and servers to manage...
Keep reading
Fraud and Compliance
For decades paper reigned as a key component to workflow processes including the approval system surrounding travel and expense management But as the world grows increasingly digital...
Keep reading