KuppingerCole Report
Executive View
By Alexei Balaganski

SAP Data Custodian

SAP Data Custodian is an innovative SaaS application that enables governance, risk, and compliance for enterprise data in public clouds. It provides visibility over the ways data is stored, moved, and accessed in the cloud, enforces data protection policies, and helps maintain compliance with data protection regulations.

1 Introduction

Scalability, flexibility, predictable costs, and massively reduced capital expenditures are just some of the reasons for many organizations to adopt a cloud-first strategy for their future business development. They motivate companies to migrate more and more of their applications, computing workloads, and data to public clouds. The ongoing COVID pandemic, which forced so many people to work from home for months, has only further increased worldwide cloud adoption.

Driven by the ongoing digital transformation, data is quickly becoming the most valuable asset for every organization, more important than oil or land. Regardless of whether data is the primary product for a business or just a tool to reach their customers, improve productivity, enable better planning, or a myriad of other reasons - the ability to collect, store and process vast amounts of information becomes a critical factor for business success in any industry or geography. Increasingly, a company's only option to achieve the necessary scale is to harness the power of the public cloud.

However, modern application architectures, deployment patterns, and technology stacks strongly affect the security landscape and introduce completely new risks to cloud customers. The continuously growing number and scale of data breaches indicate that even the largest organizations with fully staffed IT teams and large security budgets are failing to keep up with the cloud transformation. Unfortunately, many companies realize the challenges and vulnerabilities of dealing with sensitive data in the cloud too late, facing massive financial, legal, and reputational losses for their non-compliance.

The primary challenge for modern data-driven business is, of course, the overall scale and complexity of storing and managing data across heterogeneous (multi-cloud and hybrid) environments - data is everywhere, spread across a multitude of systems, models, and formats with incompatible technology stacks and security controls. Also, data never exists in a vacuum, isolated within just a single database, application, or network. It is constantly moving and transforming, passing through multiple systems, and being processed by numerous applications and services. Even the basic data governance at this scale becomes impossible without full visibility into data locations, classification, access policies, and so on.

The problem is further complicated by constantly changing governance and compliance requirements. After GDPR, new strict regulations for handling personally identifiable information are being introduced by numerous countries and state-level governments around the world, with massive fines for compliance violations. Some of the more recent legal decisions, such as the infamous Schrems II ruling, can completely change technical requirements for storing data in a cloud overnight, introducing new mandatory security controls for cloud projects. These quickly changing demands put a strain on both customers and vendors of cloud services.

Traditionally, data protection solutions have focused on securing individual infrastructure components - databases, file and object stores, networking, etc. - but this approach is no longer sustainable in multi-cloud environments. Another approach - data-centric security - is gaining popularity, focusing instead on data itself, providing full visibility into data at every stage of its active life cycle.

With Data Custodian, SAP offers a natively multi-cloud, fully managed SaaS solution for data transparency, protection, and compliance across the company's own business applications, as well as public hyperscalers and SAP-managed clouds.

2 Product Description

SAP Data Custodian is a SaaS application that provides users with a centralized control plane for visibility, governance, and protection of their ente ...

Login Get full Access

3 Strengths and Challenges

SAP Data Custodian offers an innovative alternative to more traditional universal data protection solutions. By packaging a broad set of data discover ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.