Fraud and Compliance

Finding Security in Data Intelligence and the Cloud

Christopher Juneau |

There’s immense excitement today about how artificial intelligence (AI), the cloud, and advanced data analytics will transform the way that organizations manage and optimize their travel and expense (T&E) operations.  

Yet, that enthusiasm is also tempered by some apprehension. Seven in 10 decision-makers (72%) say they’re concerned about personal and company data security, according to a recent SAP Concur-commissioned survey with Forrester. While modern spend management solutions can help make T&E more responsive and agile, they can also introduce new challenges around security and data protection if a mindful approach is not taken from the beginning.  

SAP Concur has incorporated AI and machine learning technology into its spend management solutions for nearly a decade. Three words have guided our strategy since day one: relevant, reliable, and responsible. We employ this technology in a way that protects our customers, including barring it from using customer data to train the model for use outside of their organization. We are actively and intentionally taking steps to proactively protect our customers’ data and security. 

Looking for more specifics? Here are just a few ways that SAP Concur embeds security and privacy into every solution we deliver, while enabling our customers to make the most of data intelligence and the cloud.   

 

Hybrid Security Measures 

The shift to hybrid and remote work has unlocked productivity and brought more work-life balance to employees. At the same time, it’s also introduced new complexities and security challenges for organizations. Expanding the definition of the workplace to include the home office, the hotel lobby, the coffee shop, and other makeshift working environments can increase risk—if the right security measures are not in place. 

As a company deeply rooted in the T&E landscape, we are well versed in ensuring the solutions we offer are secure regardless of location, since our customers can be in the office one day and on a plane the next. We understand that organizations need T&E solutions that empower everyone to thrive in the hybrid working environment while ensuring compliance. In fact, 71% of surveyed decision-makers say that increased security and data protection is the top benefit of implementing a modern T&E solution. 

For example, whether customers are working remotely or in office, we’ve instituted secure options for logging into our tools. Customers can choose to log in with single-sign on (SSO) initiated by an identity provider (IdP) or with a username and password—with two-factor authentication coming soon for those who choose the latter. We enable companies to customize according to their preferences and security policies (e.g., making SSO optional). We’ve also put safeguards in place to automatically alert managers of profile changes, such as when a user’s email address is updated. 

 

End-to-End Privacy Controls  

In recent years, there has been growing scrutiny into how technology companies collect, process, protect, and use the personal data of their customers. The rise of AI systems, trained on massive stores of data, have only further heighted those concerns.  

SAP Concur upholds the importance of implementing safeguards that protect our users’ data, which is why we’ve embedded data protection functionality and privacy features into all our products and services, including data masking and data encryption. Our Data Privacy and Protection team evaluates and must approve every use case leveraging customer data. We are compliant with all personal data protection regulations in place, such as the General Data Protection Regulation (GDPR). We also make use of robust application programming interfaces (APIs) and secure file transfer protocols (SFTPs), more secure methods of transferring and integrating data than manual imports and exports. 

This approach extends to how we develop, deploy, and use AI systems. In 2022, SAP published its Global Artificial Intelligence (AI) Ethics Policy, which defines our approach to AI development in alignment with our organizational values, such as our commitment to developing systems that do not de-anonymize already anonymized data. 

 

Modern, Robust Data Security 

Ensuring our customer data is safe and maintains the highest security standards is a top priority. As more organizations move increasing amounts of data into the cloud, security has become more critical than ever to ensure that data remains private and bad actors never gain access. This is exceptionally true for T&E platforms, which handle large amounts of personal identifiable information. Strict data security standards must come built in.  

To that end, SAP Concur has used industry standards and compliance and regulatory requirements to build a robust security foundation. We back this up by offering System and Organization Controls (SOC) reports to give organizations insights into the effectiveness of internal control systems implemented within cloud delivery units.  

In addition, we’re audited regularly for compliance with the leading global standards of security and service management, assuring our customers that we maintain data confidentiality, integrity, and availability at all times. The written results of many of these audits are available on request. 

 

A New Era for Data Intelligence and the Cloud 

With the right approach, modern spend management solutions can alleviate any security and data protection woes, allowing organizations to focus on moving their teams forward, not stressing over whether their data is protected. And SAP Concur is leading the charge. 

Learn more about how SAP Concur builds, runs, and maintains secure operations for our customers by clicking here. 

Fraud and Compliance
Mark Wilfred, Director of Solutions Consulting, Southeast Asia at SAP Concur, discusses how tech tools can help make government expenses more transparent.
Keep reading
Fraud and Compliance
In every crisis, there are people who can take advantage of the situation. The pandemic has created new challenges in compliance, with new policies and expense types creating opportunities for mistake
Keep reading
Fraud and Compliance
Fraudulent spending has the potential to significantly impact a business’ bottom line. According to the Association of Certified Fraud Examiners (ACFE). Being able to identify where potential leakage
Keep reading