SAP Modernization, ABAC, and TDF: A Glimpse Into the Future of Defense IT

Last week, I had the chance to attend the DoD Cybersecurity and SAP IT Conference, and one thing stood out above everything else: SAP is finally modernizing—and fast.

For years, SAP has been the backbone of defense IT, handling logistics, finances, and operations across the DoD. But now, it’s shifting toward modern security approaches like Attribute-Based Access Control (ABAC) and open standards like the Trusted Data Format (TDF). The goal? More secure, more dynamic, and more intelligent data-sharing across mission-critical environments.

ABAC: A Smarter Approach to Access Control

Traditionally, SAP systems relied on Role-Based Access Control (RBAC)—which, in simple terms, means users got access based on their job title or assigned group. The problem? That approach is too rigid for today’s evolving security needs.

Enter ABAC (Attribute-Based Access Control)

Instead of just looking at your role, ABAC considers multiple attributes—like who you are, where you are, what device you’re using, and the sensitivity of the data you’re trying to access. It’s a much smarter, real-time way to grant access based on context, not just a static job title. This makes it perfect for dynamic, high-security environments like the DoD, where data needs to be shared securely with the right people at the right time—no more, no less.

TDF: A Vision That’s Coming to Life

What really hit home at the conference was how much traction TDF (Trusted Data Format) is getting. It’s wild to think that our founder, Will Ackerly, created TDF over a decade ago while working at the NSA, long before the industry fully embraced data-centric security. Now, seeing SAP and the DoD adopt TDF as part of their modernization efforts proves just how forward-thinking that vision was.

TDF ensures that security travels with the data, no matter where it goes—whether it’s stored in SAP, shared across agencies, or sent to mission partners. Instead of relying on network security perimeters (which can be breached), TDF protects the data itself, making it a perfect fit for Zero Trust architectures and modern defense IT.

The Future is Data-Centric

The shift to ABAC and TDF signals something bigger: the DoD is embracing data-centric security and Zero Trust in a real way. No more outdated, perimeter-based models. Instead, security is being built directly into the data, ensuring it can move freely while staying protected.

At Virtru, we’re pumped to see this transformation happening. It’s proof that the future of cybersecurity isn’t just about keeping data locked down—it’s about enabling secure, seamless collaboration. And TDF? It’s helping make that a reality.

We’ll be keeping a close eye on how SAP continues to evolve, but one thing is clear: the future of the ZT Advanced Data Pillar and SAP IT is here, and it’s all about smarter, more secure data sharing based on open standards.

At Virtru, we’re committed to working with federal agencies and contractors to advance this vision. If you’d like to learn more about how Virtru can help your organization achieve faster, more secure data-sharing, let’s connect at virtru.com/contact-us.