The global and independent platform for the SAP community.

Prevent unwanted data outflow from SAP systems

Data loss prevention, the protection against the leakage of confidential data, is a combination of technical aspects and employee-related measures.
Robert Hegyi, Swisscom
May 7, 2020
It Security
avatar
This text has been automatically translated from German to English.

It can happen quickly: in a hurry, the wrong recipient is selected in the email and the confidential product presentation is leaked. Or the - naturally unprotected - USB stick with business-critical data is left somewhere on a business trip. Not to mention cases in which employees deliberately pass on confidential information.

The protection of confidential company data is as important as it is complex, as these examples show. Data loss prevention (DLP) or data leakage prevention refers to all measures designed to prevent the unwanted outflow of company information.

Compliance requirements based on regulations and data protection laws play an important role here. Because violating these rules can result in severe fines.

However, reputation is just as important as the basis for customer trust. Customers rightly expect companies to handle the data entrusted to them in a trustworthy manner. A data leak can quickly result in a loss of customers.

The introductory example with the wrong email recipient shows that DLP must include a combination of technical measures, processes and employee awareness.

Perhaps in this case it would have been technically possible to prevent the product presentation from being sent. But an employee trained in handling confidential data would never have thought of forwarding the document by email.

Preventive awareness-raising activities help to raise understanding of how to handle confidential data - and also of the necessary guidelines, processes and technical protective measures. However, there is no such thing as absolute security.

The key to successfully preventing data leakage lies in the way it is implemented and the measures must not hinder the business. Otherwise, there will be no acceptance and employees will find creative ways to circumvent DLP.

Information that is stored and processed in SAP systems is particularly exposed data. For many companies, this is the linchpin of numerous company-relevant processes.

Even with a well thought-out and granular SAP role and authorization concept, data outflow cannot be effectively controlled or monitored, nor can it be prevented in every case via data classification. If confidentially classified SAP data is not protected more comprehensively, hackers and data thieves are easy prey.

Companies should consider watertight answers to key questions. For example, are protection mechanisms in place to prevent data from leaving the SAP application through accidental or deliberate data leaks? And is compliance with legal requirements or internal guidelines ensured through the seamless implementation of access and transfer controls?

Also to be considered: Can the increase in response speed in the event of a cyberattack be implemented immediately through real-time notification and alerting? And how is intellectual property and sensitive SAP data protected by controlling SAP downloads and encrypting exported documents? Only those who consider a comprehensive strategy and follow it consistently can guarantee data security.

We advise you to address the challenges mentioned above for yourself and your customers. There are common security solutions that ensure adherence to industry-specific compliance guidelines and automatically protect data exports from SAP applications and document management systems (DMS).

Prevent the outflow of your sensitive, business-critical data - without compromising business processes or limiting user-friendliness.

https://e3magpmp.greatsolution.dev/partners/swisscom-ag/
avatar
Robert Hegyi, Swisscom

Robert Hegyi is Principal Consultant SAP GRC at Swisscom (Switzerland) AG.


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 20, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.