Petrobras: How to Improve Security of Personal and Confidential Data using Attribute-Based Access Control (ABAC)

As part of its digital transformation strategy, Petrobras started the #trans4mar Project in 2019. The objective was to convert its SAP ERP from ECC to S/ 4HANA, along with the review and improvement of some selected business processes. Petrobras IT with the support of Deloitte and NextLabs resources, worked in tight collaboration to implement the primary deliverable of Nextlabs SAP DAM within four months to quickly deploy and meet the data governance-initiatives set forth. With this zero-trust data-centric approach using SAP DAM, Petrobras is now able to ensure fine-grained access control for applications that create, store, or modify personal confidential data. To further protect privacy, data is dynamically masked on transaction fields where personal confidential data is present. This is taken one step further, by also dynamically segregating data for reports, ensuring that personally identifiable information (PII) and business-critical data are protected, helping maintain confidential data privacy.

Download the Case Study Here