Monitor SAP data streams and user downloads
HALOCORE MONITOR at a glance
- Close security gaps that are still underestimated by monitoring back-end data streams.
- Quick detection and near real-time notification in case of security incidents such as unauthorized attempts to download sensitive data.
- Comply with GDPR (Articles 5(2) & 30) through comprehensive audit documentation.
- Audit log files can be made tamper-proof by encrypting the file using HALOCHAIN technology.
Increasing business and compliance requirements need more than what SAP GRC can offer
Business and operations do not happen in silos. There is a constant need to share relevant data through different networks, which also get stored in new storage locations, thus making it almost impossible to control. In such a scenario, it would be incorrect to assume that only authorized users view and access sensitive data related to their job function. It is a fact that most companies running their businesses on SAP have very little knowledge and control over how documents extracted from SAP systems and applications are being shared or who is accessing them. Authorized users access data regularly to perform their job functions, but once that data leaves SAP, there is no way to track and monitor it. This leaves companies at a high risk of data loss due to malicious or accidental actions.
While end users present one side of the case, on the other hand, data also flows through the backend in the form of API-based machine-to-machine communication. Most often than not, enterprises do not have insight into ‘invisible’ SAP application activities and, thus, significantly heighten their IT security risk.
Currently SAP GRC can detect only unauthorized SAP data exports, not SAP data streams (Audit & Classification for applications). Also, it does not offer the capability to prevent unauthorized SAP data exports or protect exported SAP data files.
How HALOCORE MONITOR can help
HALOCORE MONITOR audits all exports and downloads of critical SAP data regardless from which egress point the data flows. Through pseudonymization, the audit log meets, by default, Works Council requirements. It is a key extension to the standard SAP Security Audit Log (SAL) and, furthermore, enriches the auditing data shown in SAP Enterprise Threat Detection (ETD) and SAP Digital Boardroom, especially as it audits all exports using an automated classification engine. Closing these GRC compliance gaps even during ‘firefighter’ activities, the module provides real-time insight into which sensitive data is at risk of leaving your SAP system and sends e-mail notifications in case of data leakage.