Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data

STRICTLY CONFIDENTIAL | © 2016 SECUDE AGSTRICTLY CONFIDENTIAL | © 2016 SECUDE AG

Data Classification: Closing the Gap between Enterprise and SAP Data

STRICTLY CONFIDENTIAL | © 2016 SECUDE AG

Agenda

• About SECUDE• About BOLDON JAMES• The Role of Data Classification• Classification – User Experience• Classification – SAP Data• Question?


About SECUDESECUDE Global provider of IT data protection solutions for SAP

Solutions Focus on data centric security and classification solutionsHalocore Suite to protect sensitive data against loss or theftCompliance with legal and industry-specific requirements / guidelines

History 1996 – Spin-Off Fraunhofer & SAP Developer of SAP Single Sign-On technology (SAP Single Sign-On)2011 – Technology sold to SAP

Strategic Partner SAP Partner and Value Added Reseller (VAR), Microsoft Partner

Customers Implementation partner with Fortune-500 and DAX companies

Locations Switzerland, Germany, USA, India


Global leader in data classification and secure messaging solutions

Established in 1985, headquartered in the UK with 70+ employees

Owned by QinetiQ Plc $2bn defence & security technology business

30 years experience in delivering complex secure messaging, data security and information management solutions

Offices in the UK, US, Australia and Europe. World wide coverage through channel partner network.

About BOLDON JAMES


THE ROLE OF DATA CLASSIFICATION


IMPROVE data security awareness

Top drivers for data classification

1 ENFORCE corporate security policy2 IDENTIFY and secure valuable data3 DEMONSTRATE regulatory compliance 4 INCREASE the effectiveness of DLP solutions5 SECURE mobile and remote access6 ENCOURAGE safer collaboration7


5 steps to protect your sensitive data

Identify – your sensitive data

Discover – location and accessibility

Classify – data according to its value to the organisation

Secure – employ security control and protection measures

Monitor – measure and evolve security practices

1

2

3

4

5


Securing data throughout the lifecycle


Dimensions of data classification


Where to engage users?

Within their primary productivity tools

CREATIONSHARING &

COLLABORATION

https://www.google.co.uk/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjHh5KO5b_LAhWkCJoKHbAJBMoQjRwIBw&url=https://twitter.com/draftsight&psig=AFQjCNGV3AA4da6DGnUDwbVaqHb9MgHvYg&ust=1458031577778257

http://www.google.co.uk/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjkkL_2-MTLAhVFwBQKHQ2_AoIQjRwIBw&url=http://www.miecctv.co.uk/downloads/&bvm=bv.116954456,d.d24&psig=AFQjCNGJlJ08oBXLe5QThOhh3j8ZD3_U3A&ust=1458208669569469

http://www.google.co.uk/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjkkL_2-MTLAhVFwBQKHQ2_AoIQjRwIBw&url=http://www.miecctv.co.uk/downloads/&bvm=bv.116954456,d.d24&psig=AFQjCNGJlJ08oBXLe5QThOhh3j8ZD3_U3A&ust=1458208669569469


A blended approach to classification

Users are empowered to make business-centric classification decisions

Supplement other techniques - apply labels that require additional user endorsement

Intelligent defaults and rules recommend a classification to the user

Data is automatically classified without user involvement – on creation / in transit / at rest

Combine Automated and Manual Techniques - to meet the needs of each Enterprise


CLASSIFICATION - USER EXPERIENCE


Visual marking of content

Visual marking of contentConsistent graphics

User Awareness through Visual Markings


User Insight Captured in Metadata

Classification selection

Visual summary of metadata marking

Metadata tags


Classification can get complicated !


Immediate feedback to the user


Immediate feedback to the user

Quick fixremediation

Warn or Prevent

Customisablefeedback


Extending to CAD applications…

Common User Experience


QUESTIONS?


CLASSIFICATION – SAP DATA


SAP Data | The Heart of the Enterprise

FICO

FinancialInformation

BW

Data WarehouseInformation

SRM

Price ListRFI, RFPQuotes

PP/PLM

Product Specifications

HR/HCM

PersonnelInformation

BI/BO

AnalyticalData


SAP | Data Movement

Corporate Unstructured Data

Data-Center

“2/3rd of corporate data lives outside the data center.” “Expected to grow 50% by 2017”.

Gartner Group

On average, sensitive data is sent outside organizations every 49 minutes.Check Point


Case Study: Austrian Manuf. Company

• 3,000 SAP Users on ECC 6 system• ~1,000 downloaded data

• Focus on Finance, Human Resources and Controlling• Halocore Auditing in PROD environment for 30 days• Result: 100,000 logged downloads


SAP | SAP and Enterprise Security

• Role and authorization system• Governance, Risk & Compliance• SAP Patch Management• Secure Network Communications

(SNC)• Secure Passwords and Single Sign-On• Database security, code scanning, …

SAP Security

• Perimeter: Firewalls & VPNs• Enterprise Data Classification• DLP• Cloud security • Data Centric Protection• Enterprise Rights Management• Security Information and Event

Management, …

Enterprise Security

• SECUDE Halocore

plus Halocore


SAP | Export of Data

x

Loss of all security controls

within SAP

No way to log or audit data export

activity

No classification of exported information

No protection and no control over access

Insufficient opportunities to

block data exports


Classification | Content-basedClassification as a downstream process


Classification | Context-basedClassification at Time of Creation with Halocore

Context Awareness is the ability to fully understand the context of where the data is coming from, who the user is as it relates to that context and where the data is going.

SAP Add-On: Context-aware solutions require integration


Halocore | Classify

x x

First SAP integrated Data Classification

Solution

Automatic context-sensitive classification of exported files

Classification of Office 2007+,

Adobe PDF, GIF, PNG, JPG

Tying existing DLP solutions

with Classification

Integration with Boldon James for

seamless user experience

Classify

x


Halocore + Classifier | Lifecycle control

x x


Solution





with Classification



Auto Classify

x

Visual Marking Onward Control

Classifier


Classification | Report View


Classification | Report Export


Classification | Choose File Format


Classification | Save As


Classification | Download Interception


Classification | Download Audited


Classification | Visual marking


Classification | Applying control


Classification | Onward control


Halocore + Classifier | Lifecycle control

x x


Solution





with Classification



Auto Classify

x

Visual Marking Onward Control

Classifier


Benefits of Joint Solution

Consistency in handling enterprise data, created both inside and outside of SAP

Ability to make more effective decisions on the controls needed for data protection

Lowered costs and compliance efforts on the national and international level

Improved accuracy of DLP and risk management solutions

Increased user awareness and accountability for data safeguarding


QUESTIONS?


www.boldonjames.com www.secude.com


Copyright

SECUDE AG © 2016 All rights reserved.

All product and service names mentioned are the trademarks of their respective companies. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express written permission of SECUDE AG. The information contained herein may be changed without prior notice.

Microsoft, Windows, and Active Directory are the brand names or registered trademarks of Microsoft Corporation in the United States.

Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data

Technology

Transcript of Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data