Blog

Valuable SAP Security Knowledge

Enterprise-level data security: Big picture first; details foremost

Despite the growing complexity of threats that faces enterprises today, data security practitioners need to be agile and keep in mind the bigger threat picture. While this does translate to dynamic response mechanisms and constantly evolving security paradigms, those responsible for data security shouldn’t lose sight of the ‘small’ things, for as they say, the devil is in the details.

Read more

Six Things to do to Get Your Data Stolen

Have you taken all the steps to throw your data into the winds? If not, you should read this blog post. Leaving your data to the wolves isn’t as easy as you think. Here’s why…

Read more

Now its Google. Are You Next?

British Airways, Apple Inc., Tesla… the list just keeps growing. The latest in this infamous line is none other than Google. Recently, former Google engineer Anthony Levandowski was accused of stealing self-driving car project details as he moved on to join Uber

Read more

Three Simple Tips to Keep Your CAD Files Safe and Secure

In the world of manufacturing and high-tech companies the most critical IP, like details of either mature products or yet-to-be patented prototypes, is represented as constructional drawings typically stored as CAD files. Cyber-committed CEOs understand that business continuity in digital processes requires new data-centric security strategies. Here are three important points for you to keep in mind when protecting your CAD files.

Read more

Serial data breach cases. When corporations know so much about you. Why don’t they protect your information?

They know all about you. Your health status. Your financial status. About your family. About your vacations – where you go, what you consume and what you do. All that information just got into the hands of pretty unsavory characters from institutions that you believed would never reveal your data.

Read more

Apple and Tesla Story Needn’t Be Yours

Apple recently revealed that its CAD schematics had leaked, spurring it to reduce ‘factory secrecy staff’ and invest in technology. Last year, Tesla had revealed such loss. This needn’t be if organizations take one small, but largely overlooked, step towards CAD file protection. This is what they should do.

Read more

What is the first step towards data-centric security?

To be forewarned is to be forearmed. This popular truism cannot be truer when it comes to data-centric security. However, the key question often is: where does one begin? This brief blog presents a clear step forward towards data-centric protection.

Read more

Big Data + Small Gaps = Big Trouble

It is all about protecting your crown jewels. If you are an SAP user, you will be well aware of the security provided ‘inside’. But the key question is: what happens to the security of your data once they are downloaded or even shared with ‘legitimate’ outsiders? Can you ensure data integrity?

Read more

Protecting IP of a Manufacturing Company – A Case Study

IP is the crown jewel of any organization. Protecting it goes beyond traditional security paradigms. Here is the case study of a leading Swiss chip manufacturer who took the extra step of taking a data-centric approach beyond the standard security paradigm.

Read more

Five SAP data protection scenarios where HALOCORE must be considered

An ERP, such as SAP, is ubiquitous and all-encompassing. The key value of such a platform is its ability to power operations across departments by enabling seamless data sharing. However, data that is being shared may also be misused and stolen. Here are five SAP data protection scenarios where HALOCORE must be considered.

Read more

Five Types of Insiders who may steal your Company’s Data

Most CIOs and data security practitioners believe that traditional security measures such as firewalls, anti-virus and even password best practices are credible protection against data leaks and theft. The fact is that they are not – especially when the root of the problem could be the employee himself.

Read more

10 Data Leaks that have cost Fortune 500 companies a fortune

Losing data can be a painful–even disastrous– experience. Considering the following 10 data breaches, SECUDE suggests a proven solution to avert such tragedy in your organization.

Read more

Why CEOs Should Worry About Data Leaks

CEOs are aware that losing IP and data devastates brand, business reputation and finally the entire company. But only a few are committed to a cyber security strategy for protecting their digital assets. When the CEO’s skin is in the game why do they fall short?

Read more

How to ascertain suspected data leak from the IT landscape?

Wipro, the India-based IT giant, is in the news for a major breach of its systems. An advanced phishing attack has enabled hackers, possibly government sponsored, to use Wipro’s network to ‘listen’ to information exchanges with customers and external vendors. Is there a way to thwart data leaks right at the beginning? What should be done?

Read more

The Simple Printer: Innocuous Office Tool or Source of Silent Data Leak?

The innocuous office printer is a seemingly simple corporate device of everyday use. Despite stringent ‘go-green’ and ‘paperless office’ initiatives printing will continue to be. But what comes out needn’t be authorized printed documents. They may also be vital intellectual property or other sensitive information. It’s time IT Managers look beyond mere maintenance issues.

Read more

Why invest in a new CAD file security solution when you can leverage your investment in Microsoft AIP

Manufacturing companies create and manage their IP based on CAD drawings that are often shared outside the organization. The risk of losing this IP is significant. Is there a solution to secure your CAD files without any major additional expense? Watch this brief demo to know how.

Read more

Data-centric security: Protecting the lifeblood of your business

It is high time that data security practitioners – CIOs, CISOs and, indeed, even business leaders take a long and hard look at their IT security practices. If it does not include data security to a large degree, they have just left their treasure chest wide open.

Read more

Data breach in Germany: Who will pay the GDPR fine this time?

Germany seems to be in the news for wrong reasons. The country paid its first GDPR fine recently. Now a major data breach in the country has potential to create a political furor. It is time the political, the public and all classes in between take a serious look at data security.

Read more

SAP and Oracle applications are increasingly being targeted by hackers

Cyber security companies and the US Department of Homeland Security warn of an increasing number of hidden hacker attacks on vulnerable SAP and Oracle applications which provide unrestricted access to systems.

Read more

Germany’s first GDPR fine: Understanding what is important

Over a month ago the data protection authority of Baden-Württemberg imposed the first fine for violation of GDPR. This clearly means that companies' honeymoon period is over. It is time they pull up their socks and get to work in meeting the regulation's requirements.

Read more

Complying with HIPAA – The HALOCORE way

The recent report about an ex-employee’s access to e-PHI data of a leading Colorado-based medical center raises another important question in addition to robust access control: How to protect data that egress an organization’s enterprise landscape?

Read more

Hospitality doesn’t pay; Robust data security does: What Marriott should have done at the outset

PII of around 500 million(!) guests at Marriott hotels has been compromised. The cause of this is due to unauthorized access within its network since 2014. Could this have been averted as early as 2010 when it switched to SAP ERP?

Read more

From university to industry: A few perspectives from Philipp Meier

Through this brief post, Philipp Meier, Vice President (Research & Development) shares his thought on the values of industry-university connect after the recently inaugurated bachelors programme in Information and Cyber Security.

Read more

Insider threat could be insidious to regional stability

The recent arrest of a BrahMos Aerospace engineer highlights the need for organizations, private and government-run, dealing with sensitive military technologies to up their data security best practices. When it comes to national security, best may not be best enough.

Read more

Bridging Technology Landscapes for Enhanced Data Security: A Microsoft Case Study

“HALOCORE provides effective classification and protection of sensitive data by controlling SAP exports and encrypting extracted documents... Deploying HALOCORE at Microsoft helps us keep our company more secure and compliant,” says Shalini Gupta, Principal Privacy Lead at Microsoft. Read the brief case study to know more.

Read more

Four steps to spot and stop data theft in your SAP landscape

Outsider threats, while still an important consideration in cyber security, account for only 40% of malicious attacks on your system while 60% potentially come from trusted insiders. Here are 4 important steps to keep in mind.

Read more

A stable SAP data security policy is imperative to implement GDPR

SAP customers are concerned about identification of data in the SAP system, their pseudonymisation in copies of the production system, and timely information, blocking and finally deletion of user data. This is what users should keep in mind.

Read more

Reuters article on hackers highlights basic question overlooked by CIOs

A startling research report highlighted by a recent Reuters article on SAP data security reveals that attacks by hackers targeting large ERP software, such as SAP, are at an alarming raise and that many large corporates are falling victim. The reason for this is due to an obviously overlooked issue: Lack of importance to data security.

Read more

Data breach by National Health Service reconfirms that systemic data leaks is an often overlooked security issue

The latest incident of data loss by the National Health Service in the UK reconfirms that data leaks needn’t always be man-made. With increasing reliance on automation and system-to-system communication, it is imperative that organizations constantly monitor data flows.

Read more

Security risk USB stick – This is how SAP customers protect themselves against data loss and malware

As long as unencrypted USB sticks with Heathrow Airport airport security data are found on London's streets, it is clear that the security risk posed by lost smartphones and flash drives is still significantly underestimated. We show what companies can do to prevent data misuse.

Read more

The seven colors of the insider threat rainbow

SECUDE has come to learn a sad fact. Those responsible for the safety and security of their companies data (IP) often fail to comprehend a serious risk that stares at them straight in the face – malicious insiders. There are media articles galore on this danger, but not many seem to learn the lesson.

Read more

Business leaders must look beyond national boundaries, says Dr. Kromer

The Chairman and Managing Director of SECUDE, Dr. Heiner Kromer, was recently at the University of Lucerne to promote the department of International IT Management at the University of Lucerne. Here is an exclusive interview with Dr. Kromer. The interviewer is Dr. Bernhard Haemmerli - Professor, Lucerne University of Applied Sciences and Gjøvik University College.

Read more

A perspective on SECUDE-Microsoft relations – The story of HALOCORE

Philipp Meier is the Vice President of Research & Development. He has been at the core of developing HALOCORE and is thus privy to HALOCORE-Microsoft relations since the beginning. This is his perspective on HALOCORE - the decisive DLP solution that SAP users need.

Read more

How do you naturally integrate SAP and Microsoft’s Azure Information Protection?

HALOCORE finds mention in Microsoft’s application support website due to its innate capability to apply classification and protection leveraging Microsoft’s Azure Information Protection policies for SAP downloads on demand and fully automated.

Read more

No cog too small: Data security in Materials Management

Information, such as pricing, inventory management and consumption-based planning, that is included in SAP Material Management need to be protected. Often access to such complex and sensitive material data is unregulated based on the quoting procedures and exports of such information are frequent.

Read more

Close your SAP security gaps now and let business run.