A perspective on SECUDE-Microsoft relations – The story of HALOCORE

HALOCORE’S six-year history is based on a time-tested foundation and robust collaboration. Today, this is seeing heights greater than ever before.

Connecting two worlds

HALOCORE. The name conjures the six years of intensive research that went into developing this one-of-its-kind data security solution for SECUDE. Yep. Six years of HALOCORE-Microsoft relations. What has resulted is a unique technology that connects Microsoft IRM with the SAP world. The first version of HALOCORE was successfully launched in April 2014. The development was complex and resource intensive. But that is to be known. The Microsoft and SAP worlds are not easily compatible!

But why do we need such a solution in the first place?

In the current complex IT environment, it is known that the most valuable information of a company resides within its ERP landscape – and this is especially true for SAP users. While these systems do have strict access and data control within their boundaries, there is no visibility on any data export nor on any control as soon as the information leaves the system. And for long this would have been on the minds of CISOs and CIOs. But what could they do?

…And this is where HALOCORE plays a unique role

Exactly! First, HALOCORE provides a comprehensive audit trail to at least give the company a record to view, analyze and to quantify the risk of data exports. As an initial line of defence, HALOCORE allows the company to block exports of high value information to make sure that the information cannot leave the secured environment. However, data that might leave the system for valid reasons should be protected by a strong encryption mechanism, without breaking the business process. Hence, HALOCORE seamlessly protects the information transparently for the user leveraging Microsoft AIP, which it has since the beginning. In case of an ‘authorized’ data export, the end user will not see any difference to the process with or without HALOCORE – it all seamlessly happens in the background. However, the information exported is recorded and protected however and wherever it traverses.

By the way, have you read our latest blog on HALOCORE and Microsoft?

Built on a time-tested foundation and robust collaboration

As HALOCORE has been leveraging RMS from the beginning, we have had a very good relationship with the teams in Microsoft. In fact, over the past couple of weeks, I have had a great experience to test the MIP SDK with them and share my observations during private previews. As a practice, we have always worked on the latest private previews and to get HALOCORE compatible with it, we provided feedback where we thought necessary. Naturally, we have seen big improvements over the course of time. Such close work has also been helping us to get HALOCORE ready with the new SDK. The new functionality obviously also has consequences for HALOCORE. Some of them are architectural adjustments to make the move from RMS to MIP others are just improved functionality as you may see in this brief demo video.

As you may have watched in the video, HALOCORE derived classification can now be mapped directly to the appropriate label, thus enabling protection and classification to exist outside the SAP system. The label is exactly what the MIP SDK sets and can so use all the MIP features Microsoft has built and will continue to build.

Feeling gung-ho!

We are sure our journey together with Microsoft into the world of MIP has just begun and many more great enhancements will follow. I would like to say a special thanks to the MIP team at Microsoft. It has been wonderful working with them on the new SDK.

Related Reading

[1] Do you have Microsoft Azure Information Protection? What stops you from using it?

Reference

[1] Applications that support Azure Rights Management data protection

[2] MIP SDK @Build – Kartik Kanakasabesan (Microsoft)