SAP applications contain large amounts of sensitive data: from personal to financial information. A targeted or even inadvertent disclosure of this data thus offers a potential attack surface. If someone from abroad logs in with the user of a designer from Germany, he should not be able to see any company-relevant drawings. A warehouse clerk often does not necessarily need to know what the contents of which package are, and a sales employee should be able to find the right product and packaging unit for quotations, but not necessarily be able to see the purchase prices. Data masking is therefore about protecting data that is there and also necessary, but which not everyone should see in every situation. Classic, static masking policies via authorisation concepts do not take into account the context of access risk and therefore force a compromise between data security and accessibility. This is where the concept of attribute-based data masking comes in: Additional targeted dynamic policies are used without the need for adjustments to SAP for implementation. In this way, fine-grained control is achieved over which information can be viewed by which users in which situation.
Focus of the webinar:
• Data loss prevention as a further protective measure for your sensitive data
• Why a good authorisation concept alone does not provide sufficient protection
• The advantage of dynamic masking measures over static ones
• Best practice tips for restricting views by location, IP address or time of access
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch schreiben Sie uns gerne an: mail@sast-solutions.de
3. 3
"SAST SOLUTIONS has specialized its portfolio in
holistic solutions for securing SAP ERP and
SAP S/4HANA systems.
As part of the Pathlock Group, we are also the global
market leader for the automation of access
orchestration and cyber security of all business
of all business applications."
Ralf Kempf & Bodo Kahl
SAST SOLUTIONS