Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data
-
Upload
ul-transaction-security -
Category
Technology
-
view
472 -
download
1
Transcript of Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data
STRICTLY CONFIDENTIAL | © 2016 SECUDE AGSTRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Data Classification: Closing the Gap between Enterprise and SAP Data
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Agenda
• About SECUDE• About BOLDON JAMES• The Role of Data Classification• Classification – User Experience• Classification – SAP Data• Question?
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
About SECUDESECUDE Global provider of IT data protection solutions for SAP
Solutions Focus on data centric security and classification solutionsHalocore Suite to protect sensitive data against loss or theftCompliance with legal and industry-specific requirements / guidelines
History 1996 – Spin-Off Fraunhofer & SAP Developer of SAP Single Sign-On technology (SAP Single Sign-On)2011 – Technology sold to SAP
Strategic Partner SAP Partner and Value Added Reseller (VAR), Microsoft Partner
Customers Implementation partner with Fortune-500 and DAX companies
Locations Switzerland, Germany, USA, India
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Global leader in data classification and secure messaging solutions
Established in 1985, headquartered in the UK with 70+ employees
Owned by QinetiQ Plc $2bn defence & security technology business
30 years experience in delivering complex secure messaging, data security and information management solutions
Offices in the UK, US, Australia and Europe. World wide coverage through channel partner network.
About BOLDON JAMES
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
THE ROLE OF DATA CLASSIFICATION
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
IMPROVE data security awareness
Top drivers for data classification
1 ENFORCE corporate security policy2 IDENTIFY and secure valuable data3 DEMONSTRATE regulatory compliance 4 INCREASE the effectiveness of DLP solutions5 SECURE mobile and remote access6 ENCOURAGE safer collaboration7
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
5 steps to protect your sensitive data
Identify – your sensitive data
Discover – location and accessibility
Classify – data according to its value to the organisation
Secure – employ security control and protection measures
Monitor – measure and evolve security practices
1
2
3
4
5
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Securing data throughout the lifecycle
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Dimensions of data classification
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Where to engage users?
Within their primary productivity tools
CREATIONSHARING &
COLLABORATION
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
A blended approach to classification
Users are empowered to make business-centric classification decisions
Supplement other techniques - apply labels that require additional user endorsement
Intelligent defaults and rules recommend a classification to the user
Data is automatically classified without user involvement – on creation / in transit / at rest
Combine Automated and Manual Techniques - to meet the needs of each Enterprise
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
CLASSIFICATION - USER EXPERIENCE
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Visual marking of content
Visual marking of contentConsistent graphics
User Awareness through Visual Markings
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
User Insight Captured in Metadata
Classification selection
Visual summary of metadata marking
Metadata tags
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification can get complicated !
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Immediate feedback to the user
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Immediate feedback to the user
Quick fixremediation
Warn or Prevent
Customisablefeedback
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Extending to CAD applications…
Common User Experience
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
QUESTIONS?
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
CLASSIFICATION – SAP DATA
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
SAP Data | The Heart of the Enterprise
FICO
FinancialInformation
BW
Data WarehouseInformation
SRM
Price ListRFI, RFPQuotes
PP/PLM
Product Specifications
HR/HCM
PersonnelInformation
BI/BO
AnalyticalData
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
SAP | Data Movement
Corporate Unstructured Data
Data-Center
“2/3rd of corporate data lives outside the data center.” “Expected to grow 50% by 2017”.
Gartner Group
On average, sensitive data is sent outside organizations every 49 minutes.Check Point
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Case Study: Austrian Manuf. Company
• 3,000 SAP Users on ECC 6 system• ~1,000 downloaded data
• Focus on Finance, Human Resources and Controlling• Halocore Auditing in PROD environment for 30 days• Result: 100,000 logged downloads
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
SAP | SAP and Enterprise Security
• Role and authorization system• Governance, Risk & Compliance• SAP Patch Management• Secure Network Communications
(SNC)• Secure Passwords and Single Sign-On• Database security, code scanning, …
SAP Security
• Perimeter: Firewalls & VPNs• Enterprise Data Classification• DLP• Cloud security • Data Centric Protection• Enterprise Rights Management• Security Information and Event
Management, …
Enterprise Security
• SECUDE Halocore
plus Halocore
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
SAP | Export of Data
x
Loss of all security controls
within SAP
No way to log or audit data export
activity
No classification of exported information
No protection and no control over access
Insufficient opportunities to
block data exports
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Content-basedClassification as a downstream process
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Context-basedClassification at Time of Creation with Halocore
Context Awareness is the ability to fully understand the context of where the data is coming from, who the user is as it relates to that context and where the data is going.
SAP Add-On: Context-aware solutions require integration
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Halocore | Classify
x x
First SAP integrated Data Classification
Solution
Automatic context-sensitive classification of exported files
Classification of Office 2007+,
Adobe PDF, GIF, PNG, JPG
Tying existing DLP solutions
with Classification
Integration with Boldon James for
seamless user experience
Classify
x
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Halocore + Classifier | Lifecycle control
x x
First SAP integrated Data Classification
Solution
Automatic context-sensitive classification of exported files
Classification of Office 2007+,
Adobe PDF, GIF, PNG, JPG
Tying existing DLP solutions
with Classification
Integration with Boldon James for
seamless user experience
Auto Classify
x
Visual Marking Onward Control
Classifier
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Report View
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Report Export
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Choose File Format
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Save As
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Download Interception
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Download Audited
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Visual marking
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Applying control
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Onward control
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Onward control
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Onward control
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Classification | Onward control
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Halocore + Classifier | Lifecycle control
x x
First SAP integrated Data Classification
Solution
Automatic context-sensitive classification of exported files
Classification of Office 2007+,
Adobe PDF, GIF, PNG, JPG
Tying existing DLP solutions
with Classification
Integration with Boldon James for
seamless user experience
Auto Classify
x
Visual Marking Onward Control
Classifier
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Benefits of Joint Solution
Consistency in handling enterprise data, created both inside and outside of SAP
Ability to make more effective decisions on the controls needed for data protection
Lowered costs and compliance efforts on the national and international level
Improved accuracy of DLP and risk management solutions
Increased user awareness and accountability for data safeguarding
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
QUESTIONS?
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
www.boldonjames.com www.secude.com
STRICTLY CONFIDENTIAL | © 2016 SECUDE AG
Copyright
SECUDE AG © 2016 All rights reserved.
All product and service names mentioned are the trademarks of their respective companies. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express written permission of SECUDE AG. The information contained herein may be changed without prior notice.
Microsoft, Windows, and Active Directory are the brand names or registered trademarks of Microsoft Corporation in the United States.