Optimising SAP Landscape Symposium
Simplify to Succeed - Security
Martyn Redman & Gary Voller - SAP
Tuesday 28th April 2015

Agenda
• Security - Data Breach & Application
• Simplify – Security of Data
• Simplify – Code Vulnerability Analysis
• Summary
• Q&A

© 2014 SAP AG. All rights reserved.

Why is data security so critical – today?
• Regulatory Compliance
• Internal Governance
• Process Adherence
• Customer Trust
• Employee Trust
• IPR
(centre of diagram: Your Business)

Where does the threat exist?
Layers: Applications, Hardware, Networks
Assets:
• Intellectual Property
• Customer Data
• Business Processes
• Trade Secrets
Security Measures:
• Switch/Router security
• Firewalls
• NIPS/NIDS
• VPN
• Net-Forensics
• Anti-Virus/Anti-Spam
• DLP
• Host FW
• Host IPS/IDS
• Vuln. tools
86% of breaches occur at the application layer, and the threat is mainly internal.

Data Breach – Incident Type & Frequency
Data Source: 2014 Information Security Breaches Technical Survey Report, commissioned by the Department for Business Innovation & Skills

What is the cost to your business?
• Large Organisations – £600K - £1.1m
• Reputation in the market place
• Lost Assets including IPR
• 33% increase on 2013
Data Source: 2014 Information Security Breaches Technical Survey Report, commissioned by the Department for Business Innovation & Skills

How Do You Improve and Simplify Data Security?
• Access Control
• Authorization Concept
• System & Database Logging
• UI Logging

You are looking for improved data security? SAP supports you.
User Interface (UI) Logging allows your company to trace all read access to data. This lets you reconstruct combinations of information accesses that do not follow implicitly from the design of your authorization concept. This active form of logging data access helps you to better distinguish between data usage and data misuse, and therefore makes a major contribution to building trust in your SAP application systems among your employees.

UI Logging is based on SAP NetWeaver
Server-oriented architecture
UI Logging is a non-modifying add-on based on SAP NetWeaver that captures the data stream between SAP GUI and the backend system.
[Diagram labels: SAP GUI for Windows; SAP Backend System; Dynpro Processor; Database Layer; Repository; Development; Request; Response; Observed data traffic; Temporary Log; Asynchronous call of log service; Log Storage]
As a consequence, the impact on the application is negligible.
Included sample implementation

Implementation Example: E-Mail Alert on Access of HR Salary Data
[Diagram labels: Log; Alert *]
* Not part of solution

Enhanced Data Security through Field Level Control of Data Display
Remaining fields on screen appear as usual.