Snow GDPR for SAP®

Monitor and Control Personal Data Risks Within SAP Systems


Data protection EU-GDPR

The May 25, 2018 enforcement deadline for GDPR compliance looms. Establishing compliance is a mountainous effort requiring personnel additions, process changes, and technology implementation. This is no different for those handling SAP systems, wherever personal data is stored, accessed or processed companies need to be in compliance with the new regulation or face drastic financial consequences.

The new Directive places considerably higher demands on accountability for the legally compliant handling of personal data which forces companies to pay full attention to the lifecycle of all data. For those handling SAP systems deleting and locking data will now have to be taken into account.

"Those who approach department heads to find out which personal data they need for which purposes in their processes can quickly encounter cluelessness. Companies will then have to cope with the failures of the last ten or fifteen years."

Volker Lehnert, SAP SE, Product Owner, Suite and S/4 HANA Data Protection & Privacy Program

Detect, Monitor and Control

Snow GDPR for SAP® detects and monitors how users work within SAP systems. This information can be used to identify and mitigate unauthorized behavior. The solution applies correct authorization settings so users cannot perform actions outside of their remit. With regards to the GDPR, this specifically refers to controlling their access to personal data.

With Snow, everything revolves around your security - in real time

Snow GDPR for SAP establishes security controls and detects data leaks. In real time, it will continually monitor and identify how all data is accessed by users, if there is a data breach, access can be denied automatically and the incident recorded.

Features and Information
Authorization Management

Checking cross-client and cross-system authorizations.

Monitoring and evaluation of critical SAP authorizations, real-time SAP transactions, combinations, processes and function separation matrices (Segregation of Duty (SoD) rules) on the basis of pre-configured and freely configurable SoD matrices.

By defining a role, this module detects critical authorizations in real time.


Monitoring and evaluation of approx. 3,000 critical SAP parameters and system settings, such as passwords or insufficiently secured settings at the operating system level, databases, OSS Notes, patch level, and more.


  • More than 3,000 checks in the standard scope of delivery
  • Automated checks of security-relevant parameters and settings
  • Analysis of all Basis platforms from SAP® R/3 through to NetWeaver 7.x
  • Security report with clear guidelines for eliminating weaknesses

Management of risks and mitigating control.

Identified risks from the areas of authorization and SoD evaluation as well as the technical system check can be transferred directly from the analyzes to the risk memory for further processing by mouse click. Comprehensive risk management process with risk identification, risk assessment, risk elimination and risk reporting.

Key functions

  • Definition of audit scope
  • Cyclical scheduling of checks
  • Automated running of audits
  • Detailed risk descriptions
  • Management of mitigating controls

Risk Track offers you a complete mitigation reporting system


Module for analyzing and securing SAP system interfaces and cross-system evaluation with creation of a complete interface overview as graphic and table output (such as RFC connections outbound, HTTP connections, RFC trusts, SSO trusts, DBCON connections).

Useful Resources

Snow GDPR Risk Assessment Brochure
The GDPR Emergency Kit


Higher Security - Lower Costs
Examination of user master data
SoD check for users, profiles and roles in real time
Predefined rules for segregation of duties (SoD) violations and confidential access (SAP® ERP, SAP® HCM, SAP® NetWeaver, IS-U, CRM, SRM) Rules based on market standards (SAP® Security Guides, BSI, DSAG revision guide, Cobit)
Intuitive rules editor
Prediction simulation for users, profiles and roles
Real-time monitoring used SAP® transactions
Save Time and Money Managing SAP Roles
Notable reduction in expenditure required for authorization management for day-to-day & project activities
Provision of best-in-class transparency and security
Up to 90% time savings for a new authorizations
Legal requirements fulfilled quickly
Integration with existing management processes for authorizations
Risk Analysis: Quickly and Clearly Visualised
Risk Identificaton
Validation Rule Definition
Analysis performance
Vulnerability will be eliminated
Additional Controls will be defined
Control of permissions/ SoD and cleanup
Visibility of Download logging, prompt response to threats
Real-time security monitoring and user behavior analytics
SAP interface analysis and cleanup
GDPR and security compliance, avoid unnecessary fines

Testimonials and Case Studies