Protecting the IP of a Manufacturing Company – A Case Study
IP is the crown jewel of any organization. Protecting it goes beyond traditional security paradigms. Here is the case study of a leading Swiss chip manufacturer who took the extra step of taking a data-centric approach beyond the standard security paradigm.
The Manufacturing sector is amongst the most targeted industrial sectors when it comes to data threats.
The spectrum of threat spans from espionage to outright digital vandalism – and any ‘successful’ attack could have tremendous repercussions on the company, its operations and even on its clients. Loss of Intellectual Property could ring the death knell of the organization.
While CIOs and CISOs deploy multiple layers of security to protect IP from leaking beyond the company’s boundaries, measures such as firewalls, anti-virus, multi-factor authentication along with robust IT security policies, it is widely known that there are gaping holes that desperately call to be filled up.
Take, for example, users of SAP enterprise resource planning software platform. Leading organizations across industries rely heavily on SAP applications to handle product lifecycle, finance, customer relationship, human resource, and many other processes. These applications store and transact vast amounts of business-critical information. SAP clients have long realized that their business revolves around information. However, most SAP users are unaware of a hidden danger – data leaks due to uncontrolled user downloads and data flow in the background. Thus, with digital transformation, solutions that monitor and block such leaks from SAP applications become a must. Here is a case in point
Protecting patented data
Watch the case study’s one-minute video here.
How does an organization protect highly sensitive data that must be shared with an external partner?
SÜSS MicroTec SE, a leading supplier of equipment and process solutions for micro-structuring applications with more than sixty years of engineering experience, leverages SAP ERP in which sensitive data is stored and processed. Access to sensitive data was provided to multiple partners. Thus, it was necessary to secure data that was being shared.
Authorized SAP users, especially external users such as machine designers, had to be given access to relevant data requirements. Data also had to be exported for various operational and business purposes.
“We work in a very security-sensitive environment in the semiconductor industry and related areas. Of course, we take extreme precaution to protect our data within and outside our systems,” explains Key Sebbeße, Director ERP, SÜSS MicroTec SE.
Despite all caution, such as the implementation of necessary authorization and authorization practices, data are prone to potential risks in terms of abuse or theft. This is primarily because once outside, data is no longer protected by SAP security mechanisms and thus, effectively out of effective data security control of departments and persons.
How does SECUDE secure highly confidential data of India’s defense center? Read the case study here.
Controlling export and processing of sensitive SAP data
“After a detailed market evaluation, detailed presentations and a pilot project to gauge performance in our company’s environment, SECUDE demonstrated reliability and effectively showcased the value of its SAP data security solution HALOCORE®,” states Key Sebbeße.
Leveraging HALOCORE® SÜSS MicroTec SE was able to monitor day-to-day data exports and analyze potential threat to data loss. Thus, it was able to execute effect protection mechanisms to secure data.
The Monitor module of HALOCORE® logs all data exports. Through automated classification that includes multiple parameters from the SAP context, the downloaded data is analyzed and appropriate action is taken. Unauthorized data is effectively blocked from exiting the system.
The result: Effective data security, but not at the cost of operational flexibility
SÜSS MicroTec SE was able to proactively eliminate threats to its precious data in the form of data loss, theft or abuse without compromising on users’ operational convenience.
The result ensured data protection, no negative operational impact and proactive safeguard against commercial damage due to data loss. HALOCORE® enables SÜSS MicroTec SE to optimize data export to only those who are authorized to access confidential company data. IT Managers now get visibility to ‘who’ has access to ‘what’ data and from ‘which’ SAP system the data being exported. In addition, as per requirement, SÜSS MicroTec SE is effectively able to block unauthorized data from automatically leaving the SAP landscape.
To know how SECUDE can protect your vital information, be it financial, IP, operations, customer or even about your employees, visit our HALOCORE page.