Secure Your Procurement Transformation

Lakshmi Hanspal

Today’s cloud technologies power levels of innovation, agility, and efficiency that are unparalleled by any other approach. When it comes to sourcing and procurement, the use of flexible, cloud-based solutions and business networks for buying and selling goods and leveraging services is a key factor for driving digital transformation in organizations. Digital transformation may be an amalgamation of the value proposition that you are offering to your customers, a more responsive value chain, and increased productivity to meet your profit and growth objectives.

Companies are moving to the cloud faster than ever, with the majority already capitalizing on cloud solutions or making active plans to adopt them. Yet security concerns cause many to hang back, and rightly so: Cyberattacks pose a serious and growing threat, causing devastating consequences that can damage or destroy those caught in the cross-hairs.

Cybercrime: A clear and constant danger

Though 80% of businesses view digital transformation as a key priority, only 23% completely trust public clouds to keep their data secure, while 49% are delaying cloud deployment due to cybersecurity skill gaps.

  • 78% are experiencing greater risk, even though 50% are investing more in IT security
  • 62% have undergone data breaches in recent months
  • 56% fear negative impacts on their critical infrastructure
  • 40% believe their intellectual property is vulnerable (per KuppingerCole meta-research commissioned by SAP, 2016)

So how do you reap the rewards while minimizing risk? By choosing partners you can depend on.

Gain confidence in the cloud

Cloud-based solutions providers have created a trust model and established a holistic, multidimensional approach to build and maintain evolving cloud security and privacy solutions.

This trust model includes a comprehensive set of security measures to:

  • Embed security into the entire software development lifecycle
  • Safeguard proprietary information against internal and external risks
  • Limit access to sensitive data through a least-privilege, need-to-know approach
  • Establish environment segmentation and demarcation
  • Focus on resiliency as core competency
  • Ensure high availability, monitoring, and business continuity

This cloud security model delivers a comprehensive security strategy uniquely designed to safeguard digital transformation – enabling you to build secure, run secure, and stay secure in the cloud. What follows are best practices to look for in choosing your cloud provider.

  • Build secure: Data protection starts with safe solutions – by securing the software development lifecycle from ideation through design, build, test, and deploy, adhering to secure development principles in strict accordance with ISO 27034.
  • Run secure: To run secure, your provider should use end-to-end encryption using the latest advanced protocol and ciphers such as TLS 1.2, SHA-2. Proven risk management practices establish risk transparency and maintain a customized, effective approach.
  • Stay secure: Adherence to global security guidelines can ensure that security compliance is maintained at all times. These guidelines are defined by the International Organization for Standardization (ISO), Sarbanes-Oxley Act (SOX), Statement on Standards for Attestation Engagements (SSAE), International Standard on Assurance Engagements (ISAE), and more. In addition, your provider should conduct proactive, recurring security risk assessments, data privacy impact analysis, regulatory reviews, and comprehensive, recurring third-party audits.

To learn more about SAP Ariba’s security strategy, join our informative cybersecurity webinar on Wednesday, October 4, 2017.


Lakshmi Hanspal

About Lakshmi Hanspal

Lakshmi Hanspal is chief security officer at SAP Ariba. In this senior leadership role, Lakshmi drives an innovative and robust approach to securing all aspects of SAP Ariba. Her approach is collaborative, business- centric, and sustainable in enabling business growth and revenue. She leads the SAP Ariba Global Security Organization, including Security Strategy, Architecture and Operations, Threat Intelligence and Governance, Risk & Compliance, and matters related to global privacy management.