DE

SAP authorization concept in the AI era – more important than ever!

Problem solving, pattern recognition, decision making: computers and machinery can use artificial intelligence (AI) to perform tasks that have previously always required human thought. This is giving rise to previously unimagined possibilities in the business world as well as our private lives. New opportunities are being created for making our lives easier in many ways. However, there is another side to the AI coin. AI algorithms and models use data and machine learning to gather knowledge and experience and draw conclusions from these. Often, this is data that we provide to the AI without realizing it; for example, data transmitted by systems – such as our SAP systems.

Plattling, February 6, 2024

Minimize risks by regulating data access

If you provide your data to external AI applications, perhaps for generating or optimizing reports, program code, or documentation, you need to be clear that this data is being sent to the AI and used to improve it. In the worst case, this could result in data that could be critical for your competitors becoming freely accessible; for example, by using carefully massaged prompts in the same external tool.

We’ve put together an overview of what you can do to ensure your critical data is kept secure:

  • Implement a company-wide AI strategy
  • Implement general AI awareness for all employees: after all, people can only make the right decisions once they understand where the risks and possibilities lie
  • Review the authorization concept:
    • Check the status of your documentation – when was it last updated?
    • Which data do you consider critical? How is access to this data managed and authorized?
    • How are authorization-related responsibilities and processes managed – in theory and in practice?
    • Are access needs tightly controlled based on the “need to know” principle?
    • Do you have an up-to-date overview of access permissions?
    • Are more “traditional” issues handled (segregation of duty, audit-compliant documentation)?

Whatever system you use, always be sure to make use of your most valuable asset:  NI. Natural intelligence.

If you realize that you need to embark on an archaeological search through your permissions, and...

  • all your documentation turns out to be out of date;
  • you no longer have an overview of what permissions have been issued;
  • you haven’t defined your critical data;
  • you find other unsatisfactory elements in your permissions model...

Consider it an opportunity to make your authorization concept AI-safe. We’ll help you! Just get in touch.

 

Back to overview
Let's get in touch.

Norbert Kytka, Headquarters Plattling

Contact
Contact
References