The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Silwood Offers Safyr Metadata Discovery Software to Support GDPR Compliance

Silwood Technology, provider of Safyr metadata discovery software, has turned its attention to how firms running vendor application packages can meet the May 25, 2018 compliance deadline for General Data Protections Regulation (GDPR).

The company has researched five large and widely used application packages – SAP, JD Edwards, Microsoft Dynamics AX 2012, Siebel and Oracle E-Business Suite – to determine how difficult it will be to identify personal data in the applications (rather than databases) as required by GDPR. The terms data of birth and social security number were selected for research purposes, although many other elements of personal data could be used, and searches were performed to see how often they appeared. Safyr retrieves metadata about each application from the application layer, including any customisation, and can return searches in a few minutes.

Silwood’s research looked at several instances of each package to provide an indication of how many occurrences of each personal data field might be found in a typical system. By way of example, it found there are typically more than 90,000 tables in a SAP ERP system and over 900,000 fields. Social security number appeared in over 900 tables and date of birth in over 80 tables.

Nick Porter, founder and technical director at Silwood, points out that less than 1% of a typical SAP system contains personal data, but it could cause GDPR data breaches costing an organisation up to 4% of its annual turnover. While some firms are approaching the discovery of personal data manually, Porter argues that at this stage in the GDPR game, automation is the only way to reach compliance on time.

He says: “Silwood and Safyr are a small, but important part of GDPR compliance. The market is short on data discovery tools, which are often the elephant in the room, but we bring automation to identifying personal data, not just for GDPR, but for programmes that need to govern data but must first find the data.”

Safyr acts as a repository of metadata from a vendor package and identifies where the data is in the system. With the data discovery task done, Silwood exports the metadata to partners and resellers offering data analysis and governance for GDPR. These include ASG Technologies, IBM, Adaptive, Datum and Erwin, many of which use Safyr as a scanner for personal data embedded in vendor application packages.

Silwood has also released a Safyr GDPR Starter Pack for SAP users trying to find personal data in their ERP systems and will soon release a starter pack for JD Edwards. Starter packs for the other vendor applications mentioned above are in development.

Related content

WEBINAR

Upcoming Webinar: Best practices for regulatory reporting

Date: 20 May 2021 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Regulatory reporting has been a cost and resource burden for financial institutions for many years, with the race to compliance in a highly regulated market often leading to multiple, singular regulatory reporting solutions. Legacy systems add to the challenges...

BLOG

A-Team Group Introduces 2021 Innovation Awards

Here at A-Team Group we have been working hard on plans to celebrate innovative projects and teams with the launch of our A-Team Innovation Awards. The awards are designed to reward teams that have found innovative ways to make use of new and emerging technologies to solve challenges at financial institutions in capital markets. The...

EVENT

Data Management Summit New York City

Now in its 10th year, the Data Management Summit (DMS) in NYC explores the shift to the new world where data is redefining the operating model and firms are seeking to unlock value via data transformation projects for enterprise gain and competitive edge.

GUIDE

Entity Data Management Handbook – Seventh Edition

Sourcing entity data and ensuring efficient and effective entity data management is a challenge for many financial institutions as volumes of data rise, more regulations require entity data in reporting, and the fight again financial crime is escalated by bad actors using increasingly sophisticated techniques to attack processes and systems. That said, based on best...