can you continue to ignore data encryption in sap?
TRANSCRIPT
© 2013 Dolphin. 2
DOLPHIN AT A GLANCE
Focus: SAP Customer Only
Proven: SAP certified solutions for the SAP customer
leveraging SAP technology
Stature: 1/3 of all Fortune 100 companies running
SAP are Dolphin customers
Stability: Employee owned; private; independent of other
stakeholders; organic growth;
Longevity: Founded in 1995
Global Solutions : Hundreds of scalable, flexible
and cost effective deployments
© 2013 Dolphin. 4
WHAT IS ENCRYPTION
Encryption – Using keys or algorithms so only those people
with the right credentials can see the data (all or partial)
Masking – No one is able to see the data as it is completely
covered with no way to remove the masking for a specific
audience
Key Terms
© 2013 Dolphin. 5
Why is Data Security and Encryption Necessary?
Business data is the heartbeat of any business
Data can harm a business reputation if:
- Business Data misused
o BOM copied
- Employee Data misused
o Example – Identity fraud
- Vendor Data misused
o Credit information misused
Legal precedence requirements
- To meet legal and business precedence, data needs to be
protected in the database as well as when archived
© 2013 Dolphin. 6
Benefits for Encryption
Secure business sensitive or legally protected data (e.g. SSN,
Court Payouts, Credit Card Numbers, Medical Records…)
Meet regulatory compliance
Add security to data and not the device it resides on
Protect data even if the system is breached
Provides confidence to confidentiality of data
Provide security for companies reputation
Can pin-point data to specific audience in any system
(Production, QA, Test, etc.)
© 2013 Dolphin. 7
Reasons for Encryption and Terminology
PII Personally Identifiable Information
PIPEDA Personal Information Protection and
Electronic Documents Act
HIPPA Health Information Protection Act
(USA HIPAA)
PCI DSS Payment Card Industry Data Security
ITAR International Traffic in Arms Regulations
© 2013 Dolphin. 8
Examples
2013 - Chinese hackers reportedly accessed U.S. weapons
designs (recent on CNET)
2012 - Massachusetts provider settles HIPAA case for $1.5
million (hhs.gov)
In June 2011, Citigroup disclosed a data breach within
their credit card operation, affecting approximately
210,000 or 1% of their customers' accounts. Which cost
company financially and it reputation. (Wikipedia on data
breach)
Recent release of data on Government programs and that
data (Snowden)
Recent Examples of Breached Security
© 2013 Dolphin. 9
AUDIT, SECURITY AND COMPLIANCE
Protect and manage your data to meet your governance,
compliance and business requirements (i.e., PCI, PII and
regulatory compliance)
Leverage your corporate encryption investment
Secure data down to the lowest level - database
Secure data even if database tools are used to see and
extract data, for example: TOAD, SQL Tool Sets…
User will not be able to see unsecured data using Query
tools
– SAP user will still see secure data using SQ00,
SQ01, SE16, SE16N, IDOC…
Provide optional software for SAP data archiving strategy
for seamless business access to secure data
© 2013 Dolphin. 19
SUMMARY
Single most important reason for using encryption is to preserve
confidentiality of the data and protect the business and people
they serve
Support corporate and legal compliance mandates
Effectively compete
Avoid risk
Why Encryption
© 2013 Dolphin.
DOLPHIN CONTACT INFORMATION
For more information:
www.dolphin-corp.com
888.305.9033
Questions?
CONTACT INFORMATION