Peace of mind lies at the core of SAP Data Management strategy
Organisations have faced challenges for years when it comes to SAP Data Management. This is due to the exponential increase in volumes, changing governmental regulations, cybersecurity and privacy concerns, plus the question of data sovereignty. Many are in the process of retiring their legacy systems, migrating to new cloud based in memory applications for the faster processing capabilities they afford. It’s a time of ‘data decluttering’ to reduce the cost of these migrations because in memory hosting for applications like SAP S/4 HANA is expensive. Data in legacy systems needs to be retired safely, archived off to reduce costs and yet remain available for auditors if needed. All this needs to be completed whilst continuing with business as usual, when SAP / IT skills are in short supply. In fact, SAP knowledge is quite a sought after IT skill.
TJC Group has been working with organisations across the world to solve problems associated with managing data for over 25 years. Most recently Thierry Julien, TJC Group’s founder and CEO, discussed some of the challenges customers are facing and how they can be overcome with Robert Holland, VP and Research Director at SAP Insider. This article outlines the key talking points extracted from the original Technology Report on Data Archiving and Decommissioning produced by SAPinsider, which was published in March 2023 in SAP Insider website.
Watch the full interview with Thierry Julien and Robert Holland:
Three key takeaways:
- Organisations are producing and collecting an ever-increasing volume of data so they need to archive and manage their data in ways that are both compliant and efficient.
- Questions around data privacy, residency, and sovereignty need to be answered for current systems as well as any archived data.
- An archiving and decommissioning strategy should be viewed as a major asset for any organisation either running legacy systems or migrating to SAP S/4HANA.
Robert: Of all the challenges facing SAP users currently, which do you regard as the biggest and why?
Thierry: It has to be peace of mind when it comes to SAP data management. There was a time when ensuring that shipments went out at the right time with the right product and the right quantity was the primary target for organisations. Now they might be selling individual items to customers with supply chain traceability whilst also managing social network discussions. That’s a huge difference in managed data. 25 years ago, a worldwide corporation might be running on a server with less than a terabyte of storage. Today organisations generate that much data in less than a day.
Robert: How is this broken down? What are the main areas of focus?
Thierry: There are four main areas where organisations need to achieve peace of mind. The first is in using automation around data archiving. The second is to generate standard output for audit and tax purposes. The third is to ensure that they are complying with data privacy requirements. And the fourth is to manage the data from decommissioning legacy systems. Addressing these data challenges is incredibly important for organizations because it’s impossible to solve business challenges when hampered by slow systems, tax and data privacy issues, and technical debt.
Robert: How are organisations responding?
Thierry: Many have addressed some of these challenges with individual services but we do not typically see this happening at a strategic level, which needs to change. Increasing concerns about data privacy requirements are having a greater impact on system decommissioning so there needs to be a top-down approach to the different data strategies employed by an organisation. Questions about data residency, data sovereignty, and data privacy need to be addressed by every organisation running enterprise systems today and especially SAP system users. And their answers should address both core systems and any plans for data decommissioning.
Robert: Can you explain how this applies to data residency?
Thierry: Organisations running a global SAP system with a centralised database may be in a difficult position when it comes to data residency which relates to physical and geographical access. This is because with data residency, it may be possible to only store information in a specific country, but there will be times when that data also needs to be stored elsewhere, in another country. This can often be resolved by extracting some of the data and related documents and storing them in another workspace in different cloud data centre, but the organisations need to understand how to go about this legally.
Robert: What problems are created by the data sovereignty rules?
Thierry: Sovereignty takes the complications created by privacy a step further by including the applicable laws and regulations beyond what is required for data residency. This can be much more complex for organisations to deal with as the timeframe for how long information needs to be retained can vary depending on industry or situation. For example, a standard audit may require three years plus the current year. But if a building is purchased, then additional codes may apply which may require data retention for 25 years. Organizations running SAP systems may have stock in a plant that doesn’t belong to the company. If that’s the case, what regulations apply? Any decommissioning strategy must adhere to cross country and cross regulation requirements to fully comply with data sovereignty requirements. For companies based in many different regions, keeping up with regulations is tiresome and it can be a very complex challenge to overcome.
Robert: What do organisations need to take into consideration to be privacy compliant?
Thierry: Data privacy has been a requirement for organisations operating in EMEA for several years, but new data privacy laws continue to come into place around the world. These may include an obligation to delete or anonymise data when requested. In an SAP environment, this may involve deleting all related transactions to a customer before the customer itself can be deleted in order to maintain database integrity. This can be a complex project and might impact reports that are still required for other purposes. Some data archiving tools, like the Archiving Sessions Cockpit developed by TJC Group, can allow organisations to remove a customer name from a sales order and sales report even after archiving has occurred. This makes addressing data privacy requests much easier.
Robert: If a company asked you to explain the decommissioning process, how would you describe it?
Thierry: Decommissioning is never a ‘one size fits all’ process and we see a lot of variety depending on the levels of SAP data management maturity within the organisation. Some will have a corporate decommissioning strategy where they identify legacy and future legacy systems. These types of organisations are looking for or implementing an organisation wide strategy to manage system decommissioning. Others just want to deal with decommissioning a specific legacy system in isolation. At this level of maturity, the organisation may see this first system as a pilot or first step into a broader decommissioning strategy.
By far the largest group are SAP customers that are transitioning to SAP S/4HANA and most of these organisations are just trying to move across the data that they need to run their future business effectively. They aren’t interested in moving 20 years of historical data into SAP S/4HANA and are usually focused on migrating the last few years’ worth. However, at some point these organizations will need details of the source information for audit purposes because it is necessary to see the data in the system of origin. That may mean going back to the original SAP ECC system because moving data into SAP S/4HANA does not build traceability. Even when the organisation does a system conversion, the data moved into SAP S/4HANA can still be changed or filtered. This means that the new system cannot function as a tax archive for audit purposes except for data that is created after it is deployed.
Robert: What advice would you like to give to organisations that are embarking upon decommissioning?
Thierry: I would reassure them that specialist solutions exist to manage data decommissioning which can provide significant benefits to companies moving to SAP S/4HANA or implementing a data decommissioning strategy. For example, TJC Group’s Enterprise Legacy System Application (ELSA) extracts a detailed audit report of all data which includes proof of completeness. Decommissioning solutions that do not provide this level of detail will not meet the audit requirements that require at least seven years of historical data to be preserved. This does not even consider how data privacy requirements may impact these data archives.
Robert: What would be your closing comment to help achieve the peace of mind that is so important?
Thierry: Our advice to organisations starting a decommissioning strategy is to build a technology map that identifies legacy and current systems with the target being identifying the technology that can be removed. This allows them to use the decommissioning process as a way of removing their technology debt. A volume reduction in data may also be achievable, but the size of the reduction will depend on whether or not the data will need to be accessed in the future. There are also financial benefits to be gained, both in terms of maintenance of legacy systems and avoiding potential financial penalties, but the non-financial benefits are of higher importance. Ultimately, if a data decommissioning strategy does not deliver peace of mind, it cannot be regarded as successful.
Learn more about legacy system decomissioning in this on-demand webinar: https://info.tjc-group.com/webcast-legacy-system-decommissioning
If you need support with Data challenges in your SAP environment, get in touch today.