SAP Data Custodian
Enabling enterprises gain transparency and control over data access and movement on the Google Cloud
ABOUT
A key concern of enterprise customers moving from on premise to public cloud environments is to retain insight and control over the access to their sensitive data while at the same time benefiting from the agility, scale and global presence of a public cloud platform.
While organizations seek to benefit from the agility, scale and global presence of the Google Cloud, SAP and Google are pioneering on this front by going beyond its existing robust security capabilities, and leveraging SAP’s expertise in governance, risk and compliance to provide greater visibility and control of data access on the cloud.
The SAP Data Custodian solution gives insight into where a company’s data is stored in the cloud, and when and where it is moved, processed and accessed.
Working with Solution Managers, Engineering and Product teams, I co-led the project from its inception to define our objectives, project timelines and design an ideal experience for the product. Part of a 3 member team, we identified key users, defined a concept vision and produced a video that set the foundation for the product, launched shortly after our involvement.
CHAPTER ONE
GRC, a new domain.
With a 6 week timeline defined, our initial goals were to familiarize ourselves with the domain of Governance, Risk and Compliance, establish an understanding of SAP’s GRC products and identify key usecases for the product’s vision. We worked with our stakeholders to also identify areas in the story that best showcases SAP’s technologies critical to a partnership promising data-transparency in the Google Cloud. Our initial immersion into GRC helped uncover key trends that highlighted the growing importance given to GRC.
1
Risk intelligence drives better business.
_________
Companies are in constant need to improve their risk oversight owing to new risks and regulatory requirements introduced by new business initiatives. GRC programs are expected to contribute to business decisions with insights into risks and business impact.
2
GRC now has a seat at the table.
_________
Against the backdrop of growing geopolitical uncertainties, cyber security attacks and rapid regulatory changes, boards and C-suite executives are anxious to know the impact of these on their organization, what can be done to mitigate these risks.
Working with product managers and engineering teams, our scope was determined to support data transparency and control.
Grounded in GRC trends, we influenced the product vision to highlight how an organization can benefit from the ground up, and therefore designed to support 3 key roles.
CHAPTER TWO
Designing the experience.
Over 2 weeks, we defined a storyboard, wireframes and hi-fidelity screens showcasing a number of ways to monitor and ensure compliance across various levels within an organization. Designed on SAP Fiori, here are highlights of the data custodian experience for a large EU-based company that recently adopted the Google Public Cloud.
CHAPTER THREE
Learning & Outcomes
The project was a great opportunity to lay the foundation for the SAP-Google Partnership, and deliver a vision that demonstrates how organizations can benefit from in-depth compliance risk intelligence to drive better business performance. The influence our initial GRC research had on the vision was a good learning experience of how design can inform product strategy.
Our vision for the Data Custodian was showcased in May 2017 at SAP’s annual conferences – SAPPHIRE and TechEd, and at Google Cloud Next. Soon after, the product was developed and launched on the SAP marketplace.
