Security risk data export

By definition, SAP data is subject to a high security standard - at least as long as it is stored within the SAP system. But is this the rule or the exception?

The fact is that thousands of confidential data are exported from SAP every day by unknowing users, criminal insiders or background data exchange with external satellite systems.

This increases the risk of data misuse, makes it more difficult to comply with the documentation requirements of the new EU General Data Protection Regulation (GDPR) and threatens the existence of every company.

According to the latest IDC study "Mobile Security in Germany", 52% of IT managers are of the opinion that the greatest security risk lies with the users themselves. Both the inadvertent disclosure of information by employees and cybercriminal insider attacks play a role here.

According to the study "The dark web's increasing influence on insider risk" by RedOwl and IntSights, the number of insider contacts offering sensitive company data for sale on the dark web rose by almost 50 percent from 2015 to 2016.

The most common destination for exports is the Microsoft Office application world. And the risk is enormous: simply by inserting data into an MS PowerPoint file or forwarding an MS Excel export by email, structured SAP data is quickly and unnoticed transformed into unstructured Microsoft Office documents that can be distributed "unchecked" through the digital world.

And we are still at the beginning of the digital transformation - with increasing networking and the widespread introduction of the new SAP S/4 Hana application platform, the number of interfaces will also increase significantly.

If you want to protect your IT in the future, you should already be thinking about ways to effectively secure and control these new security gaps.

Securing data across applications

The IT security solution Halocore from Secude is the only solution worldwide that combines the security concepts of SAP and Microsoft and enables cross-process and cross-application protection of sensitive data.

Integrated into SAP, the solution audits all SAP data exports that leave the system via standard functions or copy-and-paste processes. The protection requirements of the data are automatically determined via an intelligent context classification and applied to the export files.

Even before the files reach a device, they are encrypted and protected with the help of Microsoft Azure Information Protection (AIP). Only those who are authorized are granted access to the documents concerned.

The solution also prevents the download of files that are not allowed to leave the SAP system and enables automated monitoring of background data exchange, for example via RFC, IDoc or web service, between the SAP and Microsoft applications.