• Share
  • Email
  • Embed
  • Like
  • Private Content
Solution Brief - Information Risk Management

Solution Brief - Information Risk Management



Imagine a solution that can help automate export control, secure engineering and supply chain collaboration, as well as improve the security of critical SAP ...

Imagine a solution that can help automate export control, secure engineering and supply chain collaboration, as well as improve the security of critical SAP
data. Now imagine it can be managed centrally, with a seamless end-user experience. NextLabs Compliant Enterprise Entitlement Manager, an SAP-endorsed business solution for information risk management, makes this vision a reality. It extends SAP authorization concepts to provide
context-aware and policy-based access control to critical data, helping customers enhance compliance, reduce the risk of data breach and wrongful
disclosure, and enable secure partner collaboration.



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Solution Brief - Information Risk Management Solution Brief - Information Risk Management Document Transcript

    • Solution BriefInformation Risk Management Managing Information Risk to Improve Compliance, Enhance SecurityImagine a solution that can help auto- Global Collaboration Challenges Unlike in the case of shipping physicalmate export control, secure engineering As organizations take their business global, goods, controlling access to technical dataand supply chain collaboration, as well they quickly encounter multiple roadblocks to can be challenging. Traditional role-basedas improve the security of critical SAP® successful global collaboration. For example, access controls do not effectively controldata. Now imagine it can be managed take the case of a multinational manufacturer access to data, leading to potential compli-centrally, with a seamless end-user of aircraft engines seeking to expand its ance violations that could incur enormousexperience. NextLabs Compliant business further into the defense market. fines.Enterprise Entitlement Manager, Strict regulations, such as the U.S. Interna-an SAP-endorsed business solution tional Traffic in Arms Regulation (ITAR), the Export compliance is not the only challenge German Federal Office of Economics and this engine manufacturer faces. To maximizefor information risk management, Export Control (BAFA) regulations, and competitive advantage and reduce cost,makes this vision a reality. It extends the UK Export Control Act (ECA), govern businesses are increasingly dependent onSAP authorization concepts to provide how defense-related technical data must an extended supplier and contractor network.context-aware and policy-based access be handled. In light of these mandates, the Products are often designed and manufac-control to critical data, helping cus- company would have to task its compliance tured in collaboration with global partnerstomers enhance compliance, reduce officers with developing a strategy that to leverage best-in-class capabilities.the risk of data breach and wrongful meets the export regulations of its targetdisclosure, and enable secure partner markets.collaboration. These officers would need to answer a num- In the United States ber of practical questions, including: alone, the Depart- ■■ How can we ensure that critical SAP® ment of State has data related to the new defense products is accessible to all authorized users but levied more than not inadvertently shared with foreign $100 million in fines employees? for International ■■ How can we ensure that all exports of technical data are properly recorded? Traffic in Arms Regu- lation violations since 2010.
    • How can companies both enable the global Figure 1: Global Process Coordination with the Entitlement Managersharing of data necessary for designingbest-in-class products while also safeguard-ing vital corporate intellectual property andmeeting various regulatory requirements?How can companies protect partner intellec- Secure Secure Electronic SAP® datatual property in compliance with information- engineering supply chain export control security collaboration collaborationsharing agreements? How can they sharedemand forecasts and production scheduleswith suppliers to increase visibility while NextLabs Compliant Enterprise Entitlement Managermaintaining confidentiality? Authorize Classify Control access AuditWith a single SAP software instance providing Centralized policiesglobal shared services, critical data of thisengine manufacturer is potentially accessibleanywhere, from any device, across an entire Global companies face increasing compli- ■■ Access control: Extends SAP authorizationglobal user base. While this broad accessibility ance pressures and risks to their intellectual concepts beyond context and role to providehelps drive collaboration, it also increases the property. The traditional model of authorizing fine-grained access control based onrisk that critical SAP data could be shared access by user role is no longer scalable: attributes such as nationality and locationwith or accessed by unauthorized users, these companies end up creating and man- ■■ Audit: Provides an audit trail on the usagecompromising security or violating export aging thousands of roles to respond to rapidly of and access to critical SAP data andor data privacy laws. increasing access control requirements. facilitates compliance reporting A new, fine-grained method of authorizationTo add to the challenge, this engine manu- is required to support streamlined global Built-in policy sets help businesses securefacturer has offshored its IT and help desk operations. critical data access and comply with cross-operations. While offshoring streamlines border jurisdictions. Businesses can leveragebusiness operations, it also increases the Managing Information Risk these best-practice policy sets to:risk that administrative offshore employees NextLabs Compliant Enterprise Entitlement ■■ Automate electronic export control andor contractors could violate data privacy or Manager is an SAP-endorsed business solu- comply with export regulations such asexport regulations. tion for information risk management. It the U.S. ITAR and Export Administration works with SAP solutions to help automate Regulations (EAR), German BAFA, and electronic export control, secure engineering UK ECA. The solution actively enforces and supply chain collaboration, and enhance export controls by understanding theAccording to a data security – enabling the provision of complex business-context variables for2010 study by the global shared services and harmonization of appropriate technical data handling and business processes (see Figure 1). disclosure.Ponemon Institute, ■■ Facilitate the agile collaboration requiredthe average cost The Entitlement Manager provides the follow- for global product development, whileof a data breach is ing key capabilities: improving intellectual property security. ■■ Authorization: Transforms licenses and legal The Entitlement Manager automaticallyUS$7.2 million per contracts into data-level authorizations classifies intellectual property throughoutincident. ■■ Classification: Simplifies classification of its lifecycle and allows companies to SAP data for proper control of data access centrally define standards-based policies
    • Global companies face challenges in export control, in protecting intellectual property in engineering and supply chain collaborations, and in securing critical SAP data against unauthorized access. authorizing access to intellectual property. Figure 2: Tracking All Authorization Decisions with the Entitlement Manager These authori­ ation policies are then z Top 10 Denied Users in Past Month enforced and tracked as engineers and design partners collaborate. Information barriers can be effectively maintained to 10 avoid conflicts of interest and prevent wrongful disclosure. 9■■ Facilitate the agile collaboration required 8 for a responsive supply network, while protecting confidentiality of sensitive 7 demand data, production schedules, and manufacturing intellectual property. The 6 Entitlement Manager helps ensure that Events supply and demand data (such as volume 5 forecasts or production schedules) and manufacturing intellectual property (such 4 as manufacturing bills of material, or BOMs) 3 are properly classified. It automatically controls access to this data in accordance 2 with customer, supplier, and contractor information-sharing agreements and 1 corporate intellectual property protection mandates. 0 James Seth Anthony Fred Ursula Sally Ben Zach William Sally■■ Enhance security of critical SAP data to Debono Savio Huang Roosevelt Siva Sudhati Harris Taylor McKinley Joshi help companies meet their compliance Users and security needs as they provide greater mobility and more global access to shared Protecting Critical SAP Data The Entitlement Manager can be configured services. Centralized policies control who NextLabs Compliant Enterprise Entitlement to automatically classify critical SAP data by can access what data based on fine-grained Manager is an SAP-endorsed business association or inheritance or based on loca- attributes such as sensitivity of content, solution and integrates with the SAP ERP, tion of storage. This greatly simplifies the task location of access, identity of user, and SAP Product Lifecycle Management, and of data classification and helps ensure that citizenship of user. Policies can also SAP BusinessObjects™ Global Trade Ser- program data is properly identified for effec- enforce data segregation to ensure that vices applications to provide end-to-end tive access control throughout its lifecycle. data is stored in appropriate locations in information risk management. The Entitle- compliance with national data-privacy laws ment Manager extends SAP authorization Finally, the Entitlement Manager works or export regulations. In addition, policies concepts to provide attribute-based access smoothly through the SAP GUI and SAP can further control privileged-user access to SAP business objects such as materials, NetWeaver® Portal component to enforce so that global IT and help desk personnel BOMs, routings, change masters, parts data access and sharing policies. The Entitle- have the right system access while specifications, CAD drawings, and documents. ment Manager can be extended to protect restricting their data-level entitlements. It can leverage SAP roles and access control critical data after it is exported from SAP contexts and combine them with other attri- applications to provide end-to-end protection. butes for dynamic authorization decisions. Graphical reporting tools provide a complete audit trail of all authorization decisions (see Figure 2).
    • NextLabs Inc. 2 Waters Park Drive, Suite 250 San Mateo, CA 94403Improving Security and Control The Entitlement Manager enables safe andNextLabs Compliant Enterprise Entitlement secure global shared service functions whileManager works with SAP solutions to provide providing regional policy control. By providing call: + 1 650 577-9101the following benefits: fine-grained authorization with centralized fax: + 1 650 577-9102■■ Automate global trade compliance and management, the Entitlement Manager lower compliance costs associated with enables global companies to automate export E-mail: various export control regulations, such control, secure engineering and supply chain info@nextlabs.com as ITAR, EAR, BAFA, and ECA collaboration, and enhance data security. www.nextlabs.com■■ Protect intellectual property while enabling global design collaboration and prevent Find Out More wrongful disclosure of design and engi- To learn more about how SAP software and neering specifications in compliance NextLabs solutions can help you with export with proprietary information exchange control, secure engineering and supply agreements and nondisclosure agreements chain collaboration, and data security,■■ Prevent data breach across the global contact your SAP representative today or supply chain and protect supply, demand, visit www.nextlabs.com. and manufacturing data in accordance with contractor and supplier agreements SAP-Endorsed Business Solutions■■ Enhance data security and minimize the SAP-endorsed business solutions are com- risk of SAP data spillage and contamination plementary to SAP software offerings, are■■ Support proper data segregation in compli- developed in accordance with SAP develop- ance with regulatory mandates and ment guidelines, and provide additional simplify compliance reporting through choices and flexibility for businesses running centralized logging of access SAP software. SAP-endorsed business solu- tions are powered by the SAP NetWeaver technology platform and are offered by SAP partners. NextLabs Inc. copyright © 2011. RQ 17283 (11/12) Printed in USA. © Copyright 2011 SAP AG. All rights reserved. SAP and the SAP logo are registered trademarks of SAP AG in Germany and other countries. Business Objects and the Business Objects logo are registered trademarks of SAP France in the United States and in other countries.