SAP Fieldglass: Cloud Innovation for Commercial Regulated Industries

SAP National Security Services (SAP NS2) has deployed SAP Fieldglass solutions according to the National Institute of Standards and Technology (NIST) Baseline with FedRAMP® Moderate Parameters.

This also complies with International Traffic in Arms Regulations (ITAR). The environment is assessed annually by a certified third-party assessment organization (3PAO) to adhere to NIST 800-53 controls with FedRAMP Parameters. This allows government agencies and highly regulated industries in the U.S. to adopt SAP’s market-leading cloud applications for external workforce management and services procurement with an enhanced, enterprise-grade security model.

SAP Fieldglass solutions are available in the SAP NS2 Commercial Regulated Environment (CRE). This is a significant milestone for our regulated customers, as it ensures that the data stored within our system adheres to the regulations put in place by their industry and remains in country.

SAP NS2 offers the following SAP Fieldglass external workforce management solutions: SAP Fieldglass Contingent Workforce Management, SAP Fieldglass Services Procurement, and SAP Fieldglass Worker Profile Management.

History of External Workforce Management

Even before the COVID-19 pandemic shined a light on increasing labor shortages, organizations were quickly evolving the ways they staffed their teams. One aspect of this evolution was the realization that temporary workers offer a valuable way to address staffing and skill gaps. An Oxford Economics study conducted before the pandemic found that 42% of workforce spend was dedicated to the external workforce, composed of service providers and other non-payroll workers.

More than two years later, this percentage is projected to rise. A 2022 Economist Impact study sponsored by SAP found that 50% of surveyed organizations plan to increase their use of external workers. This includes the public sector, U.S. state and local governments, and regulated industries such as aerospace and defense, utilities, higher education, life sciences, manufacturing, high-tech, and financial services. Each of these industries are expected to rely on the expertise of external workers.

Managing External Workers in the Public Sector: Uniquely Challenging

Like any other organization, governments and highly regulated industries use external workers to do basic things such as deploy and manage IT, build infrastructure, and perform back-office functions. But unlike the private sector, the need for security is magnified tenfold. When employing external workers, government and highly regulated industries must comply with and adhere to strict and constantly evolving privacy and security standards.

Given the public sector’s heightened requirements for security, the realities of external workforce management can make things more challenging:

  • External workers may have access to critical systems and data. Managing an external workforce means there are temporary and contingent workers who may not be committed to the long-term success of an organization, and these resources may be working with sensitive data. Therefore, it is critical that external workers are securely managed from onboarding through offboarding to help ensure only vetted and trusted resources are allowed into the organization.
  • External workforce data must be protected to the highest standards. When hiring and onboarding through a workforce management solution, a worker’s highly sensitive data is stored within the application. Personally identifiable information (PII), location, and other employee-specific data is highly targeted by bad actors, so it is crucial to protect it according to government-attested regulations.
  • Highly regulated organizations require an upgraded innovation model. Organizations need a solution that balances security with innovation. A solution that provides enhanced security based on industry needs, uses a local deployment model, and stays ahead of the innovation curve creates a strong barrier between cybersecurity threats and systems.

SAP Fieldglass Through SAP NS2: Secure, Local, Sovereign

The necessity to comply with local data sovereignty regulations, store data in-county, and control who can access data based on regional requirements were key drivers in bringing SAP Fieldglass solutions into the SAP NS2 environment. SAP Fieldglass solutions delivered through SAP NS2 provide:

  • Localized protection of data: All SAP Fieldglass data is deployed and stored on U.S. Amazon Web Services’ AWS GovCloud infrastructure that is dedicated to addressing the needs of highly regulated industries within the cloud. SAP Fieldglass solutions are deployed on infrastructure located within the U.S. From initial deployment to ongoing support, all facets of the SAP Fieldglass solutions are maintained in-country.
  • Innovation backed by in-region, expert resources: SAP Fieldglass solutions are protected via a security model that provides local, credentialed resources who understand innovation, business drivers, and U.S. compliance regulations.
  • Automated security: SAP NS2 leverages tools such as vulnerability scanning, intrusion detection, and continuous monitoring to help ensure data stays protected under an automated and enhanced cybersecurity

SAP Fieldglass solutions delivered by SAP NS2 provide a critical line of defense for protecting organizations and ensuring the individuals handling everyday operations are recruited and managed within a highly secure environment. Our sovereign cloud offering mitigates the risk of external threats by limiting system management, providing in-country deployment, and leveraging an enterprise strategy to control data access, data residency, and data sovereignty.

In other words, we keep your data secure so you can focus on what’s important: your mission.


Lillian Chang  is senior vice president for SAP National Security Services.
Vish Baliga is chief technology officer for SAP Fieldglass.