Five Steps to Integrate SAP into Your Enterprise Defense Framework

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next Five Steps to Integrate SAP into Your Enterprise Defense Framework-2 Next

Data Movement

Conduct an Audit to Identify Sensitive Data Movement

Building a company-wide protection framework is impossible without understanding where and how sensitive information is used, stored, and moved. Unfortunately, tracking data as it moves within your IT perimeter and beyond is rarely an easy task. It is especially true for data that gets extracted from SAP systems and applications by users on a daily basis to run reports, crunch and analyze numbers, and share information with colleagues and partners.

An audit can reveal sensitive data tucked away in places that you'd never expect: stored (unprotected) in applications and databases across the network, and in employee-owned mobile devices, cloud-based services, and more.

The necessary first step is to conduct a full audit on applications that act as data source, such as SAP, and then identify all the places where sensitive data is processed, transmitted and stored. Data flows in and out of an enterprise in enormous volumes and rates. It is precisely this flow that needs to be the focus of a comprehensive security approach. Many companies approach security by trying to patch holes in the IT perimeter, but lose sight of the importance of securing the actual flow of information.

In an age where digitizing information is the norm, organizations large and small rely on a myriad of applications, systems, and tools to create, collaborate, analyze, and report large volumes of data critical to the success of their businesses.  One such tool, SAP, is used by a remarkable 282,000 customers around the world to run their businesses.

In addition to being an enterprise resource planning (ERP) tool, SAP is also a primary storage vault for a vast amount of sensitive and business-critical data. The data stored in SAP ranges from personally identifiable information (PII) such as Social Security numbers and financial metrics (such as unreleased quarterly results) to bill of material (BOM) information – often related to products that are subject to export control regulations (EAR and ITAR) and trade secrets.

SAP represents a mission-critical piece of IT infrastructure companies spend a lot of time and effort protecting, but many often fail to integrate SAP and its sensitive data into their overall data protection strategy. A comprehensive enterprise defense model is a key requirement in today’s age of digitized data, and ERP software should be an incremental part of that ecosystem. In this slideshow, SECUDE highlights five steps organizations should take to ensure SAP is integrated in their security framework.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.