The global and independent platform for the SAP community.

Security risk data export

Most business processes are not limited to SAP. Much sensitive data is exported by users to MS Office applications - a risk that is significantly underestimated.
Holger Hügel, Secude
September 21, 2017
Security risk data export
avatar
This text has been automatically translated from German to English.

By definition, SAP data is subject to a high security standard - at least as long as it is stored within the SAP system. But is this the rule or the exception?

The fact is that thousands of confidential data are exported from SAP every day by unknowing users, criminal insiders or background data exchange with external satellite systems.

This increases the risk of data misuse, makes it more difficult to comply with the documentation requirements of the new EU General Data Protection Regulation (GDPR) and threatens the existence of every company.

According to the latest IDC study "Mobile Security in Germany", 52% of IT managers are of the opinion that the greatest security risk lies with the users themselves. Both the inadvertent disclosure of information by employees and cybercriminal insider attacks play a role here.

According to the study "The dark web's increasing influence on insider risk" by RedOwl and IntSights, the number of insider contacts offering sensitive company data for sale on the dark web rose by almost 50 percent from 2015 to 2016.

The most common destination for exports is the Microsoft Office application world. And the risk is enormous: simply by inserting data into an MS PowerPoint file or forwarding an MS Excel export by email, structured SAP data is quickly and unnoticed transformed into unstructured Microsoft Office documents that can be distributed "unchecked" through the digital world.

And we are still at the beginning of the digital transformation - with increasing networking and the widespread introduction of the new SAP S/4 Hana application platform, the number of interfaces will also increase significantly.

If you want to protect your IT in the future, you should already be thinking about ways to effectively secure and control these new security gaps.

SAP And Microsoft 1710

Securing data across applications

The IT security solution Halocore from Secude is the only solution worldwide that combines the security concepts of SAP and Microsoft and enables cross-process and cross-application protection of sensitive data.

Integrated into SAP, the solution audits all SAP data exports that leave the system via standard functions or copy-and-paste processes. The protection requirements of the data are automatically determined via an intelligent context classification and applied to the export files.

Even before the files reach a device, they are encrypted and protected with the help of Microsoft Azure Information Protection (AIP). Only those who are authorized are granted access to the documents concerned.

The solution also prevents the download of files that are not allowed to leave the SAP system and enables automated monitoring of background data exchange, for example via RFC, IDoc or web service, between the SAP and Microsoft applications.

https://e3mag.com/partners/secude-gmbh/

avatar
Holger Hügel, Secude

Holger Hügel is Vice President Products and Sercvices at Secude


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 24, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.