MBIS dera

Discover personal data fields, encrypt sensitive personal data and anonymize personal data to comply with GDPR requirements by MBIS dera solution.

With MBIS dera (discover, encrypt, redact, anonymize), automatically discover personal data fields; encrypt sensitive personal data during retention period; dynamically and permanently anonymize (redact) personal data in SAP® and SQL based non-SAP® systems at the database level with certain rules, conditions and methods and ensure your compliance with GDPR regulations.

More information

What is MBIS dera?

According to Law on the Protection of Personal Data (KVKK) numbered 6698 : «despite being processed under the provisions of this law and other related laws, personal data shall be erased, destructed or anonymized by the controller, ex officio or upon demand by the data subject, upon disappearance of reasons which require the process.»

Anonymization is the process of rendering personal data impossible to link or associate with an identified or identifiable natural person, even through matching them with other data.

dera is a special SAP® ABAP add-on software, developed by MBIS R&D Center, which discovers personal data fields; encrypts and redacts (anonymize) personal data in SAP® , with certain rules, conditions and methods for compliance with GDPR / KVKK.

Main functionalities of ‘dera’

Personal Data
Discovery

1
  • Automaticaly finds and reports the personal data fields created to keep personal data.
  • Finds added/modified fields in custom tables. (as long as standard data element types are used)
  • Creates personal data fields catalogue from the reported fields and allows you to use them for redaction and encrytion operations.

Data
Redaction

2
  • Redacts personal data at the database level as a scheduled SAP® JOB or manually.
  • Enables to run redaction operations as background jobs.
  • Triggers and executes an approval workflow before redaction performed, if opted so.

Data
Encryption

3
  • Saves encrypted versions of personal data in dera tables before redaction operations.
  • Standard users see anonymized data whilst authorized users can see the original (decrypted) data based on authorization level.

Redaction in Non-SAP®
Systems

4
  • Runs SQL scripts to delete or update personal data kept in non-SAP® systems.
  • Performs redaction operations synchronously in non-SAP® systems through matching ID’s as soon as redaction is completed in SAP® to delete or anonymize related data.
  • Carries out redaction operations for non-SAP® systems manually or automatically at given periods.

1Personal data field discovery in SAP®

1Personal data field discovery in SAP®

2Data Anonymization in SAP®

3Data Encyrption in SAP®

3Data Anonymization in non-SAP® systems | Synchronized redaction

Why ‘dera’?

GDPR Compliance

dera effectively meets related GDPR compliance requirements by encrypting and anonymizing ([sensitive]) personal data in multiple systems

ECC & S/4HANA Multisystem Support

dera works on both SAP® ECC and S/4HANA ERPs as well as any SAP® system which supports ABAP e. g. CRM, SRM, HR

Cost-Effective with Low TCO

dera is much more cost effective with relatively low TCO compare to existing expensive solutions

Centralized Data Anonymization

dera provides centrally managed personal data anonymization capability for both SAP® and non-SAP® systems from a single platform

Fast-Track Implementation

Thanks to its ready-to-use catalogs and pre-defined workflows, dera enables very fast implementation

Personal Data Field Discovery in SAP®

With its automatic personal date discovery function for SAP® , dera takes GDPR compliance to a higher level by minimizing the risk of overlooking any [sensitive] data

Flexible & Adaptable

‘dera can be easily customized and new functions can be added in accordance with specific business needs

And more…

dera comes with rich set of useful functionalities such as data subject level authorization, approval workflows, and more…

FAQ

Does this solution interfere with the SAP® system's source code?

No. dera does not interfere with SAP® 's original code. The field values in the related tables are changed within defined rules.

Can anonymized data be reversed or is the data permanently changed?

Applying a database level anonymization process permanently changes the field values according to the defined rule, thus anonymized data cannot be returned.

Does our SAP® system slow down when running field-based checks?

No, it doesn't. It is possible to work on different parallel sessions while continuing the data crushing process and running other processes in the background.

In SAP® systems, is it possible to permanently change data with dera in systems where live system data is copied and transferred (Dev, QA) after client copy?

Yes. dera can also be used to permanently change data in post-client-copy DEV and QA systems.

Can dera be used to anonymize the data stored in non-SAP® systems?

Yes. dera has screens for non-SAP® and external systems where you can anonymize the desired content by applying table-field based rules and create scripts to perform anonymization/permanent change operations. Anonymization/permanent change operations can be executed for all associated systems centrally from dera.

Is there a predefined rule set to implement anonymization processes for personal data?

Yes. dera has a predefined rule catalog for the anonymization of fields containing personal data within the scope of KVKK/GDPR. In order to avoid data inconsistency, it does not recommend applying anonymization to all fields containing personal data. Instead, it suggests permanently change the data of a few related fields (such as Name and Surname) in order to break links that could point out the "real person". It provides with a predefined rule set prepared accordingly. If necessary, new rule sets can be defined for new fields.

Does dera also work in customized programs (Z-programs)?

Yes. By adding these fields to the field catalog, you can permanently change data in customized fields.

Will dera continue to operate when we upgrade our SAP® system from ECC to S/4HANA?

Yes. dera also works on different SAP® versions.

Does dera Fiori work in different SAP® interfaces such as WebGui?

dera's transaction codes can be called from different SAP® interfaces. In addition, since dera operates at database level, all related systems are affected by permanent data anonymization.

Can dera be used for GDPR-related actions?

dera recommends permanently changing the data of several relevant fields in order to break the links that may point out the real person. It presents a predefined rule set accordingly. Thus, it allows compliance with the data annihilation liability of GDPR.

If I purchase dera, do I need to buy an additional license from SAP® ? Does dera bring any hidden costs?

dera is an SAP® add-on, so it does not require an additional license or hardware other than its own license.

How are dera's maintenance services provided? What services can I get under maintenance?

Updates, add-ons and versions related to the product are covered in the maintenance agreement. Communication is provided via MBIS's help desk application.

Which databases does dera support?

dera supports all SAP® installed databases. For non-SAP® system databases, additional scripts are written and run within dera. It is the customer's responsibility to develop the script.

What are the redaction methods?

There are different methods that can be used. For example, methods such as mixing, fixed value assignment, fixed date assignment, fixed text, parametric text assignment, random text or date assignment are used in dera.

What technical competencies should the person have who will manage dera?

Users with basic SAP® knowledge can manage dera with user training; it does not require any further competence. System-wise expertise may be required for script development for external systems.

I don't use SAP® , can I still use dera?

dera is a solution that is installed in SAP® and enables the process to be carried out in all systems from within SAP® centrally.

Kaynaklar

MBIS’in bilgi birikiminden faydalanın, farkındalığınızı artırın.

MBIS'in sunduğu SAP® S/4HANA Finance Çözümü ile
kazanan siz olun.

Bu dokümanın amacı, bir S/4HANA Finance projesinin hazırlık aşamasında yapılması gerekenlere dikkat çekmek ve implementasyonun geri kalanının daha sorunsuz ilerlemesini sağlamaktır.

Ücretsiz İndir

SAP® S/4HANA Finance

SAP® S/4HANA Finance çözümü hakkında daha fazla bilgi
edinmek için webinar kaydımızı izleyin

Webinarı İzle

Please contact us for further information

  • United States+1
  • United Kingdom+44
  • Afghanistan (‫افغانستان‬‎)+93
  • Albania (Shqipëri)+355
  • Algeria (‫الجزائر‬‎)+213
  • American Samoa+1
  • Andorra+376
  • Angola+244
  • Anguilla+1
  • Antigua and Barbuda+1
  • Argentina+54
  • Armenia (Հայաստան)+374
  • Aruba+297
  • Australia+61
  • Austria (Österreich)+43
  • Azerbaijan (Azərbaycan)+994
  • Bahamas+1
  • Bahrain (‫البحرين‬‎)+973
  • Bangladesh (বাংলাদেশ)+880
  • Barbados+1
  • Belarus (Беларусь)+375
  • Belgium (België)+32
  • Belize+501
  • Benin (Bénin)+229
  • Bermuda+1
  • Bhutan (འབྲུག)+975
  • Bolivia+591
  • Bosnia and Herzegovina (Босна и Херцеговина)+387
  • Botswana+267
  • Brazil (Brasil)+55
  • British Indian Ocean Territory+246
  • British Virgin Islands+1
  • Brunei+673
  • Bulgaria (България)+359
  • Burkina Faso+226
  • Burundi (Uburundi)+257
  • Cambodia (កម្ពុជា)+855
  • Cameroon (Cameroun)+237
  • Canada+1
  • Cape Verde (Kabu Verdi)+238
  • Caribbean Netherlands+599
  • Cayman Islands+1
  • Central African Republic (République centrafricaine)+236
  • Chad (Tchad)+235
  • Chile+56
  • China (中国)+86
  • Christmas Island+61
  • Cocos (Keeling) Islands+61
  • Colombia+57
  • Comoros (‫جزر القمر‬‎)+269
  • Congo (DRC) (Jamhuri ya Kidemokrasia ya Kongo)+243
  • Congo (Republic) (Congo-Brazzaville)+242
  • Cook Islands+682
  • Costa Rica+506
  • Côte d’Ivoire+225
  • Croatia (Hrvatska)+385
  • Cuba+53
  • Curaçao+599
  • Cyprus (Κύπρος)+357
  • Czech Republic (Česká republika)+420
  • Denmark (Danmark)+45
  • Djibouti+253
  • Dominica+1
  • Dominican Republic (República Dominicana)+1
  • Ecuador+593
  • Egypt (‫مصر‬‎)+20
  • El Salvador+503
  • Equatorial Guinea (Guinea Ecuatorial)+240
  • Eritrea+291
  • Estonia (Eesti)+372
  • Eswatini+268
  • Ethiopia+251
  • Falkland Islands (Islas Malvinas)+500
  • Faroe Islands (Føroyar)+298
  • Fiji+679
  • Finland (Suomi)+358
  • France+33
  • French Guiana (Guyane française)+594
  • French Polynesia (Polynésie française)+689
  • Gabon+241
  • Gambia+220
  • Georgia (საქართველო)+995
  • Germany (Deutschland)+49
  • Ghana (Gaana)+233
  • Gibraltar+350
  • Greece (Ελλάδα)+30
  • Greenland (Kalaallit Nunaat)+299
  • Grenada+1
  • Guadeloupe+590
  • Guam+1
  • Guatemala+502
  • Guernsey+44
  • Guinea (Guinée)+224
  • Guinea-Bissau (Guiné Bissau)+245
  • Guyana+592
  • Haiti+509
  • Honduras+504
  • Hong Kong (香港)+852
  • Hungary (Magyarország)+36
  • Iceland (Ísland)+354
  • India (भारत)+91
  • Indonesia+62
  • Iran (‫ایران‬‎)+98
  • Iraq (‫العراق‬‎)+964
  • Ireland+353
  • Isle of Man+44
  • Israel (‫ישראל‬‎)+972
  • Italy (Italia)+39
  • Jamaica+1
  • Japan (日本)+81
  • Jersey+44
  • Jordan (‫الأردن‬‎)+962
  • Kazakhstan (Казахстан)+7
  • Kenya+254
  • Kiribati+686
  • Kosovo+383
  • Kuwait (‫الكويت‬‎)+965
  • Kyrgyzstan (Кыргызстан)+996
  • Laos (ລາວ)+856
  • Latvia (Latvija)+371
  • Lebanon (‫لبنان‬‎)+961
  • Lesotho+266
  • Liberia+231
  • Libya (‫ليبيا‬‎)+218
  • Liechtenstein+423
  • Lithuania (Lietuva)+370
  • Luxembourg+352
  • Macau (澳門)+853
  • Macedonia (FYROM) (Македонија)+389
  • Madagascar (Madagasikara)+261
  • Malawi+265
  • Malaysia+60
  • Maldives+960
  • Mali+223
  • Malta+356
  • Marshall Islands+692
  • Martinique+596
  • Mauritania (‫موريتانيا‬‎)+222
  • Mauritius (Moris)+230
  • Mayotte+262
  • Mexico (México)+52
  • Micronesia+691
  • Moldova (Republica Moldova)+373
  • Monaco+377
  • Mongolia (Монгол)+976
  • Montenegro (Crna Gora)+382
  • Montserrat+1
  • Morocco (‫المغرب‬‎)+212
  • Mozambique (Moçambique)+258
  • Myanmar (Burma) (မြန်မာ)+95
  • Namibia (Namibië)+264
  • Nauru+674
  • Nepal (नेपाल)+977
  • Netherlands (Nederland)+31
  • New Caledonia (Nouvelle-Calédonie)+687
  • New Zealand+64
  • Nicaragua+505
  • Niger (Nijar)+227
  • Nigeria+234
  • Niue+683
  • Norfolk Island+672
  • North Korea (조선 민주주의 인민 공화국)+850
  • Northern Mariana Islands+1
  • Norway (Norge)+47
  • Oman (‫عُمان‬‎)+968
  • Pakistan (‫پاکستان‬‎)+92
  • Palau+680
  • Palestine (‫فلسطين‬‎)+970
  • Panama (Panamá)+507
  • Papua New Guinea+675
  • Paraguay+595
  • Peru (Perú)+51
  • Philippines+63
  • Poland (Polska)+48
  • Portugal+351
  • Puerto Rico+1
  • Qatar (‫قطر‬‎)+974
  • Réunion (La Réunion)+262
  • Romania (România)+40
  • Russia (Россия)+7
  • Rwanda+250
  • Saint Barthélemy+590
  • Saint Helena+290
  • Saint Kitts and Nevis+1
  • Saint Lucia+1
  • Saint Martin (Saint-Martin (partie française))+590
  • Saint Pierre and Miquelon (Saint-Pierre-et-Miquelon)+508
  • Saint Vincent and the Grenadines+1
  • Samoa+685
  • San Marino+378
  • São Tomé and Príncipe (São Tomé e Príncipe)+239
  • Saudi Arabia (‫المملكة العربية السعودية‬‎)+966
  • Senegal (Sénégal)+221
  • Serbia (Србија)+381
  • Seychelles+248
  • Sierra Leone+232
  • Singapore+65
  • Sint Maarten+1
  • Slovakia (Slovensko)+421
  • Slovenia (Slovenija)+386
  • Solomon Islands+677
  • Somalia (Soomaaliya)+252
  • South Africa+27
  • South Korea (대한민국)+82
  • South Sudan (‫جنوب السودان‬‎)+211
  • Spain (España)+34
  • Sri Lanka (ශ්‍රී ලංකාව)+94
  • Sudan (‫السودان‬‎)+249
  • Suriname+597
  • Svalbard and Jan Mayen+47
  • Sweden (Sverige)+46
  • Switzerland (Schweiz)+41
  • Syria (‫سوريا‬‎)+963
  • Taiwan (台灣)+886
  • Tajikistan+992
  • Tanzania+255
  • Thailand (ไทย)+66
  • Timor-Leste+670
  • Togo+228
  • Tokelau+690
  • Tonga+676
  • Trinidad and Tobago+1
  • Tunisia (‫تونس‬‎)+216
  • Turkey (Türkiye)+90
  • Turkmenistan+993
  • Turks and Caicos Islands+1
  • Tuvalu+688
  • U.S. Virgin Islands+1
  • Uganda+256
  • Ukraine (Україна)+380
  • United Arab Emirates (‫الإمارات العربية المتحدة‬‎)+971
  • United Kingdom+44
  • United States+1
  • Uruguay+598
  • Uzbekistan (Oʻzbekiston)+998
  • Vanuatu+678
  • Vatican City (Città del Vaticano)+39
  • Venezuela+58
  • Vietnam (Việt Nam)+84
  • Wallis and Futuna (Wallis-et-Futuna)+681
  • Western Sahara (‫الصحراء الغربية‬‎)+212
  • Yemen (‫اليمن‬‎)+967
  • Zambia+260
  • Zimbabwe+263
  • Åland Islands+358