Success Factors HCM

Secure SuccessFactors

Human Capital Management

SAP SuccessFactors delivers SaaS applications for financial management, human capital management (HCM), payroll, and analytics. While SAP goes to great lengths to secure its application and infrastructure against intrusions and attacks, it is your responsibility as the Enterprise Customer to enforce Zero Trust Access Controls, Data Protection & DLP policies on the data being loaded into and shared on Workday.  It is also your responsibility to ensure that external parties you are interacting with do not spread malware into your application. Data & Threat Protection for SuccessFactors requires a Cloud Access Security Broker (CASB)


Zero Trust Access Control

Bitglass patented Zero Trust Access Control ensures that appropriate access to SuccessFactors is provisioned based on the context by which the user is accessing the application. Policies can be defined based on access method (browser or native app), device (managed vs unmanaged), location (by country or IP address range), group, and more. Typically, users on secure, managed devices will be allowed full access, while users on unmanaged devices are restricted to browser access. This is particularly important for SuccessFactors, where HR and finance professionals need full access at the office, whilst all employees need controlled access from home computers to plan benefits, vacations etc with their families.  Only Bitglass agentless AJAX-VM technology delivers proxied access on any browser without the need for agents.

dlp everywhere

Intelligent native DLP

Bitglass’ integrated, high-performance DLP engine is compatible with the leading network and endpoint-based DLP systems. Paired with a comprehensive catalog of pre-built identifiers for a wide range of data types, you’ll have the flexibility to build policies from scratch, pull from the Bitglass catalog, import policies from premises-based DLP solutions, or integrate via ICAP. Most organizations choose to sync policies directly from premises-based DLP systems, avoiding severe performance penalties while ensuring consistent policy enforcement anywhere.


DLP policies can be enforced in real-time on the proxy for uploads and downloads, of particular value during access from unmanaged devices.


The Bitglass DLP engine is paired with a wide range of remediation actions, built to allow you to safely extend access to sensitive data, even in risky contexts. Actions include alerts, dynamic application of encryption or rights management (DRM), redaction of sensitive content, watermarking and tracking, quarantine, and blocking.


Advanced Threat Protection on any device

Cloud applications are attractive vehicles for malware. Bitglass’ Advanced Threat Protection (ATP) powered by Bitdefender, CrowdStrike or Cylance, blocks the spread of unknown and zero day attacks, ensuring that your Workday deployment never becomes a proliferation point for the spread of malware across your managed or BYO devices.


ATP protection policies can be enforced in real-time on the proxy for uploads and downloads, without the need for software agents. This is particularly important during access from unmanaged devices, which can be an entry point for malware.

Box solutions brief image

Secure SuccessFactors Today

To deliver automated HCM, IT needs a solution that delivers data and threat protection in the cloud, at access and on any device.

Read case study on SuccessFactors now.

Case Study