Classify, Protect, Audit: New Approach to SAP Data Security. Aparna Jue, SECUDE

Transcription

1 Classify, Protect, Audit: New Approach to SAP Data Security Aparna Jue, SECUDE

2 About SECUDE SECUDE is an innovarve global provider of IT data protecron solurons for SAP customers. Our user- friendly solurons protect the integrity of data, prevent intellectual property the\ and data breaches, while enforcing regulatory compliance. Established in 1996, Spin- Off from Fraunhofer & SAP Developer of a Secure Login (SAP Single Sign- On) technology, sold to SAP in 2011 SAP partner and Value Added Reseller (VAR) Trusted by a large number of Fortune 500 and DAX companies 4 global locarons: Switzerland, Germany, USA, India New focus extends to data- centric security and classificaron for SAP

3 Agenda Understanding Current Business Landscape Ways to Mitigate Security Risks Demo Q & A

4 BUSINESS LANDSCAPE

5 Current Trends Datafica;on Businesses today cannot operate without their data infrastructure Every 2 years world s data is doubling in size BYOx Bring Your Own ANYTHING IT consumerizaron leads to loss of control over corporate data Collabora;on Cloud- based and file- sharing tools InformaRon cannot be confined to one locaron Security is one of the key issues

6 Borderless IT Corporate perimeter is eroding/has eroded Knowing where your data is has become a challenge Keeping track of data is next to impossible Data exists to be consumed and shared Locking everything down and disallowing employees to use data is counter- producrve Data itself should be protected for secure movement and usage

7 Businesses Aren t Prepared 27% of IT professionals admitted that they did not know the trends of data loss incidents over the past few years. (Cisco Systems) 39% of IT professionals worldwide were more concerned about the threat from their own employees than the threat from outside hackers. (Cisco Systems) 40% of organizations experienced a data breach or failed a compliance audit in the last year. (2015 Vormetric Insider Threat Report) 93% of U.S. organizations said that they felt vulnerable to insider attacks, only 7% felt safe. (2015 Vormetric Insider Threat Report)

8 The Risk is Real Home Depot s 56 Million Card Breach Bigger Than Target s Uber Says Security Breach May Have Compromised Driver Data Sony Pictures: The Data Breach and How The Criminals Won Millions exposed by latest health insurance hack Massive data breach could affect every federal agency Anthem Hacked, Millions of Records Likely Stolen Cost of data breaches increasing to average of $3.8 million, study says Target agrees to pay $10 million to data breach victims

9 Costs Associated with the Risk $5.85 million Average cost of data breach in USA in 2013 Source: 2014 Cost of Data Breach, Ponemon Institute Financial consequences of a data breach Divided by categories Cause of Data Breach Malicious afack System glitch Human error 29% Reputation damage 21% Lost productivity 19% Lost revenue 30% 42% 12% Forensics Source: IBM 10% Technical support 8% Regulatory 29% Source: 2014 Cost of Data Breach, Ponemon Institute STRICTLY CONFIDENTIAL 2015 SECUDE AG

10 Compliance Landscape The DataficaRon of Businesses = more strict compliance regularons Layered Security Approach: Network ProtecRon: DLP, Firewalls, VPN Storage ProtecRon: FDE, DB EncrypRon File- based protecron: IRM/DRM

11 Layered Approach to Security Network Data Loss PrevenRon (DLP) Firewalls Virtual Private Network (VPN) Storage Full Disk EncrypRon (FDE) Database EncrypRon File Prefy Good Privacy (PGP) InformaRon Rights Management (IRM) Network Storage File

12 MITIGATING THE RISK

13 SAP Data is the Heart of the Enterprise

14 Every Day Data is Extracted from SAP

15 Bridging the Gap with Context Awareness

16 Classify IdenRfy sensirve data extracted from SAP with intelligent classificaron Maximize investment in data governance solurons Gain 360 degree visibility and control OpRmize Data Loss PrevenRon (DLP) Benefits of SAP- na;ve classifica;on func;onality Ability to tag data extracted from SAP Lowered compliance costs Improved accuracy of DLP Increased user awareness

17 Block Empower users with first SAP- narve DLP funcronality Prevent accidental and malicious data leaks from SAP Prevent certain types of compliance sensirve data from leaving the enterprise Deep integra;on with SAP and contextual awareness User (Roles, AuthorizaRon) Data (TransacRon, Table) Technical environment (Front- end, App. Component)

18 Protect Apply granular access control and rights management to documents extracted from SAP with Microso\ RMS Minimize the risk of data breaches, the\ and accidental loss Secure data across mobile and cloud plaiorms Enable secure sharing with colleagues and partners Restricted access to sensirve SAP data across any device and any locaron Extending roles and authorizarons configured in SAP beyond enterprise borders Ability to control sensirve documents throughout their lifecycle

19 Next Steps Audit First Understand what data is extracted from SAP and how sensirve it is IdenRfy risky areas, users, and transacrons Maintain a full audit trail for compliance purposes Understand the flow if informaron in your organizaron What sensirve data you have Where it resides Who is accessing your data What acrons users perform with it

20 Demo

21 Questions? Aparna Jue Product Manager (404)