Data Exports - The Big Security Risk
Blog Security

Data Exports – The Big Security Risk

Most business processes are not limited to SAP. Sensitive data is exported by users using Microsoft Office applications - a risk that is clearly underestimated.

By definition SAP data is subject to a high security standard – at least as long as it is within the SAP system. But is this the general rule or an exception? The fact is that thousands of confidential data are exported every day by unaware users, malicious insiders or through automated exchange with external satellite systems. This increases the risk of data misuse, makes compliance with the new EU Data Protection Code (GDPR) increasingly difficult, threatening the subsistence of any company.

According to a recent IDC study regarding mobile security in Germany, 52% of IT executives believe that the greatest security risk lies with the users themselves.  Accidental disclosure of information by employees as well as cybercriminal insider attacks play a role. According to another report by RedOwl and IntSights, recently published by Computerwoche, the number of insiders who offer sensitive company data for sale in the Dark Web went up by almost 50% from 2015 to 2016.

Control data exports

One of the most common target environments of data exports is Microsoft Office. The risk in doing this is enormous: by inserting data into a Microsoft PowerPoint document or by forwarding a Microsoft Excel spreadsheet by e-mail, structured SAP data quickly and unintentionally becomes unstructured Microsoft Office documents, which can be distributed across the digital world without any control. And this is only the beginning of digital transformation.

SAP Security

With the increasing IT networks and the introduction of the new  S/4 Hana platform, the number of interfaces will also increase significantly. Whoever wants to protect his IT in the future should already think about ways to effectively safeguard and control new security gaps.

Secure data across applications

Secude’s IT security solution Halocore is the only solution that integrates security concepts of SAP and Microsoft and provides process- and application-wide protection of sensitive data. Integrated into the SAP digital core, the solution audits all SAP data exports, which leave the system using standard functions or by copy & paste. Intelligent context-specific classification automatically detects the protection requirements of the data and applies them to the export files.

Before the files reach a device, they are encrypted and protected using Microsoft Azure Information Protection (AIP). Only those users who are authorized will be given access to the protected documents.

The solution also blocks files that are not allowed to egress from the SAP system. It also enables automated monitoring of the background data exchange, for example via RFC, IDoc or web service, between SAP and Microsoft applications.

E-3 Magazine (German) - October 2017

About the author

Holger Huegel, Secude

Holger Hügel is Vice President Products and Services at Secude.

Add Comment

Click here to post a comment

Sign up for e3zine´s biweekly newsbites

Please do not use administrative mail adresses like "noreply@..", "admin@.." or similar as these may get blocked for security reasons.

We use rapidmail for dispatching our newsletter. By signing up, you agree that the data you have entered will be transmitted to rapidmail. Please take note of their terms and conditions and privacy policy.termsandconditions.

Our Authors