{"id":1991,"date":"2016-11-24T13:50:45","date_gmt":"2016-11-24T12:50:45","guid":{"rendered":"http:\/\/e3mag.com\/?p=1991"},"modified":"2019-04-01T08:57:49","modified_gmt":"2019-04-01T06:57:49","slug":"stop-data-loss-at-source","status":"publish","type":"post","link":"https:\/\/e3mag.com\/en\/stop-data-loss-at-source\/","title":{"rendered":"Stop data loss at the source"},"content":{"rendered":"

Whether through malicious Hacker<\/span> or careless own Employees<\/span> Caused: Catch sensitive Data<\/span> into the wrong hands, have Company<\/span> considerable financial and legal risks are to be expected.<\/p>\n

For example, it can be particularly costly for companies in the pharmaceutical industry if formulations for medicines end up in the hands of competitors, thereby destroying many years of research work.<\/p>

\"\"<\/a><\/div>\n

For credit institutions, the banking information of the Customers<\/span> The risk of unauthorized outflow of funds is particularly high, as there is a risk of damage to the company's reputation as well as claims for damages.<\/p>\n

Across all industries, all Company<\/span> have an increased focus on personal employee information, as unauthorized leakage can also result in legal penalties.<\/p>\n

Data Leak Prevention (DLP) provides a set of methods and tools for sealing potential data leaks.<\/p>\n

Allen<\/span> The common feature is that they control the data flow in the corporate network at defined exit points. monitor<\/span> and then sound the alarm when business-critical Information<\/span> reach the outside or have already reached it.<\/p>\n

Exit points in sight<\/h3>\n

To achieve this, the individual DLP solutions rely on different levels of the IT-Infrastructure<\/span><\/span> an. Thus, there are tools with which Company<\/span> can monitor which Data<\/span> from the laptops of the Employees<\/span> be stored on mobile devices, such as USB sticks.<\/p>\n

In SAP<\/span>-environments, there are in principle several possibilities for data flow. Thus, during the execution of a certain Abap<\/span>-program, the required Data<\/span> from the SAP<\/span>-database tables and read them out via different
\ncommunication channels to the users: starting with classic output lists via special SAP<\/span>-Interfaces<\/span> to modern web services.<\/p>\n

To avoid data loss, monitor<\/span> the traditional DLP approaches precisely where the communication channels end in such a way that the Data<\/span> can either be tapped by the end users or can be modified through technical Interfaces<\/span> the SAP<\/span>-system.<\/p>\n

Another much-used option is that User<\/span> from a Abap<\/span>-Program<\/span> create an email and send the SAP<\/span>-Data<\/span> send as an attachment.<\/p>\n

As different as the individual technical DLP methods are, what they all have in common is that they require a great deal of effort in order to identify the critical SAP<\/span>-Data<\/span> and to effectively manage the multiple exit points from the corporate network. monitor<\/span>.<\/p>\n

Source code<\/span>-Analysis<\/h3>\n

To reduce this expense, the SAP<\/span>-With the CodeProfiler tool, security provider Virtual Forge has developed a new approach that starts much earlier and is more sustainable: With the so-called static DLP-Analysis<\/span> the drainage channels can be made more sensitive. SAP<\/span>-Data<\/span> already in the SAP<\/span>-Source code<\/span> Identify.<\/p>\n

In contrast to the usual reactive DLP approaches, the static DLP-.Analysis<\/span> thus preventive. Directly in the SAP<\/span>-code identifies the locations that attackers use for fraudulent purposes or their own Employees<\/span> could inadvertently use it to perform business-critical SAP<\/span>-Data<\/span> first from the database tables, then completely from the SAP<\/span>-applications.<\/p>\n

Since the installation of the CodeProfiler is technically very simple, it is ready for use in a short time and the results of a Analysis<\/span> are quickly available.<\/p>\n

At the same time, however, it must also be clarified which of the SAP<\/span>-Information<\/span> in a Company<\/span> are particularly worthy of protection. Depending on the industry, these may be Data<\/span> from specific areas of the company, such as finance, development, marketing or sales.<\/p>\n

At the same time, constantly changing statutory data protection and Compliance<\/span>company-specific company agreements as well as agreements reached with the works council.<\/p>\n

Are the sensitive SAP<\/span>-Data<\/span> identified, it must be ensured that only those users can access it who have the appropriate SAP<\/span>-authorizations.<\/p>\n

Since the classification of business-critical SAP<\/span>-Data<\/span> requires extensive expertise, Virtual Forge works closely with the auditing and consulting firm KPMG on DLP customer projects.<\/p>\n

Conversely, KPMG consultants rely on static DLP-Analyses<\/span> from Virtual Forge when they become Customers<\/span> be called, in which undesirable SAP<\/span>-data outflows have been detected.<\/p>\n

Increasingly, KPMG is also used for Customers<\/span> actively seeking to anticipate such IT security incidents. For example, the specialist departments, representatives from the areas of Governance, Risk & Compliance<\/span> (GRC), internal data protection officers and works councils are increasingly looking for effective DLP approaches to counter the risks of possible SAP<\/span>-data loss at an early stage.<\/p>\n

The growing demand is motivated by the fact that in many Company<\/span> the number of SAP<\/span>systems has grown so much over the years that it has often become difficult to keep track of which business-critical Data<\/span> from which SAPPrograms<\/span> and - above all - in which context they are processed.<\/p>\n

This increases the risks that the SAP<\/span>-Data<\/span> unauthorized addressees inside and outside the Company<\/span> achieve. To Customers<\/span> to facilitate collaboration on DLP projects, Virtual Forge and KPMG have combined their technology and expertise in a joint offering.<\/p>\n

Each project is divided into five phases:<\/p>\n

    \n
  1. Definition of the legal and technical requirements. At the start of the project, together with the Customers<\/span> clarified which of the existing SAP<\/span>-Information<\/span> are business-critical and thus particularly worthy of protection.<\/li>\n
  2. Identification of the relevant data fields and SAP<\/span>-applications, which Data<\/span> process. This determines which User<\/span> for the execution of which SAP<\/span>-Programs<\/span> authorized and whether the existing authorizations are correct. The result is a target image that differentiates between permitted and non-permitted data outflows.<\/li>\n
  3. Use of the CodeProfiler. For this purpose, the business requirements are transferred into a technical language, i.e. the DLP process is parameterized. The CodeProfiler combs through the Abap<\/span>-Source code<\/span> with search algorithms and provides an actual picture of potential data outflows.<\/li>\n
  4. Comparison of the target and actual image of possible SAP<\/span>-data outflows. In this phase, the knowledge gained through the use of the CodeProfiler is compared with the legal and technical requirements of the Company<\/span> compared.<\/li>\n
  5. Definition of recommendations for action. As a result, the Company<\/span>\u00a0 concrete measures to achieve the target image and thereby prevent unauthorized SAP<\/span>-to prevent data outflows. A central measure is the cleansing of the affected SAP<\/span>-Source codes.<\/li>\n<\/ol>\n

    Continuous scans recommended<\/h3>\n

    To ensure sustainable sealing of possible SAP<\/span>-data leaks, it is recommended for the Company<\/span>, the static DLP-Analyses<\/span> apply not only once, but regularly.<\/p>\n

    In this way, the constant new developments and adjustments within SAP<\/span>-systems, additional data leakage opportunities arise that can only be detected if the scans with CodeProfiler are continuously integrated into the development and security review processes.<\/p>","protected":false},"excerpt":{"rendered":"

    The unwanted outflow of business-critical SAP data can have threatening consequences for companies. With a joint approach from Virtual Forge and KPMG, users get to the root of the problem. <\/p>","protected":false},"author":62,"featured_media":2008,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pmpro_default_level":"","footnotes":""},"categories":[5,740],"tags":[174,637,618,437],"coauthors":[23909],"class_list":["post-1991","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-management","category-mag1612","tag-compliance","tag-hacker","tag-kunde","tag-mitarbeiter","pmpro-has-access"],"acf":[],"featured_image_urls_v2":{"full":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",1772,1268,false],"thumbnail":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-150x150.jpg",150,150,true],"medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",400,286,false],"medium_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-768x550.jpg",768,550,true],"large":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-1200x859.jpg",1200,859,true],"image-100":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-100x72.jpg",100,72,true],"image-480":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-480x343.jpg",480,343,true],"image-640":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-640x458.jpg",640,458,true],"image-720":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-720x515.jpg",720,515,true],"image-960":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-960x687.jpg",960,687,true],"image-1168":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-1168x836.jpg",1168,836,true],"image-1440":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-1440x1030.jpg",1440,1030,true],"image-1920":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",1772,1268,false],"1536x1536":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-1536x1099.jpg",1536,1099,true],"2048x2048":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",1772,1268,false],"trp-custom-language-flag":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",18,12,false],"bricks_large_16x9":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",943,675,false],"bricks_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",1200,859,false],"bricks_large_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",1200,859,false],"bricks_medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",600,429,false],"bricks_medium_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK.jpg",600,429,false],"profile_24":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-24x24.jpg",24,24,true],"profile_48":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-48x48.jpg",48,48,true],"profile_96":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-96x96.jpg",96,96,true],"profile_150":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-150x150.jpg",150,150,true],"profile_300":["https:\/\/e3mag.com\/wp-content\/uploads\/2016\/11\/shutterstock_128689925_CMYK-300x300.jpg",300,300,true]},"post_excerpt_stackable_v2":"

    Der unerw\u00fcnschte Abfluss gesch\u00e4ftskritischer SAP-Daten kann f\u00fcr Unternehmen bedrohliche Folgen haben. Mit einem gemeinsamen Ansatz von Virtual Forge und KPMG packen Anwender das Problem an der Wurzel. <\/p>\n","category_list_v2":"IT-Management<\/a>, MAG 16-12<\/a>","author_info_v2":{"name":"Sch\u00f6nh\u00f6fer\/Lorenz, KPMG","url":"https:\/\/e3mag.com\/en\/author\/sebastians-und-eduart-lorenz\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/1991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/comments?post=1991"}],"version-history":[{"count":0,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/1991\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media\/2008"}],"wp:attachment":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media?parent=1991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/categories?post=1991"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/tags?post=1991"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/coauthors?post=1991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}