closing compliance gap

Upload: seeburger

Post on 07-Dec-2014

Page 1: Closing Compliance Gap

- 1 - © SEEBURGER AG 2011

• Are you vulnerable?

• Are you compliant?

• Do you know what, when, to whom and by whom sensitive SAP data is sent outside the company?

Closing the Compliance Gap in File Exchange

Page 2: Closing Compliance Gap

Webcast Logistics

Got Flash? http://get.adobe.com/flashplayer to download.

Page 3: Closing Compliance Gap

© 2011 Forrester Research, Inc. Reproduction Prohibited 3 © 2009 Forrester Research, Inc. Reproduction Prohibited

The Increasing Importance of MFT

Ken Vollmer

Principal Analyst

Forrester Research

Page 4: Closing Compliance Gap

4 Entire contents © 2009 Forrester Research, Inc. All rights reserved.

Interest in MFT is skyrocketing!

• The number of client inquiries on MFT has soared since 2009

– An increase of over 300% comparing 2009 to 2011

• Typical questions:

– Who are the leading MFT providers?

– What features should we look for in an MFT solution?

• What is driving this increased level of interest?

Page 5: Closing Compliance Gap

Increasing number of compliance regulations

• Increasing number of legal requirements to protect data

• US examples

  – HIPAA

    • Designed to protect the privacy of patient data

  – Sarbanes/Oxley

    • Designed to ensure the authentication of financial reports

• European examples

  – Basel II

    • Specific rules covering managed file transfers

  – European Union Data Protection Directive

    • Protection of personal information

Page 6: Closing Compliance Gap

High Visibility Security Failures

• Examples

– Frequent reports of compromised customer account information

– Recent WikiLeaks exposures of sensitive government documents

• These lapses have significantly increased the awareness of related risks on the part of CEOs and auditors

Page 7: Closing Compliance Gap

Polling Question #1

• Which of the following objectives is most relevant for your organization?

– Adherence to data security policies/mandates for governance or compliance

– Reduction of disparate FTP processes

– Compliance with new trading partner security requirements (i.e. banking)

– Controlling the amount of data taxing e-mail servers

Page 8: Closing Compliance Gap

Source: Q4 2009 Global EDI/B2B Survey

Base: 300 Senior IT Managers from North America, EMEA and Asia Pacific regions

Business Issues Driving Need For Improvement

“How important are the following business issues in driving your need for improved ability for interacting with your trading partners?”

Page 9: Closing Compliance Gap

Source: Q4 2009 Global EDI/B2B Survey

Base: 232 Senior IT Managers from North America, EMEA and Asia Pacific regions within enterprises planning on upgrading their capability to exchange information more effectively with external business partners

Focus of planned B2B improvements

“Which issues will be your highest priority for planned improvements.”

Page 10: Closing Compliance Gap

MFT Reference Architecture Model

[Diagram: MFT Reference Architecture Model. Labels shown: Quality of Service; Reliability; Operational Security; Scalability; User Provisioning; Core Features; Protocol Support; Architecture; Operational Flexibility; Performance; Security Administration; Profile Management; Policy Management; Auditability; Mobility; Admin & Governance; Deployment Models; Platform Independence; Visibility; Business Monitoring; Technical Monitoring; Alert Capability; Logging; Reporting; Scheduling; Ease of Use; SLA Mgmt; Workflow; Certificate Management; Data Security.]

Page 11: Closing Compliance Gap

Annual MFT Revenue Projections

Page 12: Closing Compliance Gap

Closing the Compliance Gap in File Exchange

With SEEBURGER Managed File Transfer

Page 13: Closing Compliance Gap

SEEBURGER at a Glance

Leading: Ranked as global leader for Business Integration by independent analysts (i.e. Gartner and Forrester)

Globally Successful: 19 worldwide offices & 8,500 customers from various industries

Independent, profitable and growing since 1986

Focused on vertical industries and standards

SAP®: SEEBURGER’s Partner for SAP PI Adapters

600 Joint Customers Worldwide

Page 14: Closing Compliance Gap

What is the problem and why?

What are best run companies doing globally?

Page 15: Closing Compliance Gap

Best Run Companies are focused on:

Cost Reduction via Consolidation

Drive Core Revenue (Innovation) via Modernization

Reducing Risk by ensuring Data Security and Compliance

Regardless of Vertical Industry – every CIO is focused on the above business drivers

Page 16: Closing Compliance Gap

Cost Reduction via Consolidation

Drive Core Revenue (Innovation) via Modernization

Reducing Risk via Data Security and Compliance

But Legacy problems with B2B/FTP landscapes exist…

Disparate, fragmented, siloed systems

Legacy applications with patch upgrades

Inconsistent governance & visibility

Page 17: Closing Compliance Gap

Polling Slide #2

At your company, what is the most commonly used method for moving large files from one system or individual to another?

− E-mail

− Shared folders on an internal network

− Managed File Transfer solution

− Individual FTP processes

− USB thumb drive device

Page 18: Closing Compliance Gap

EU Directive 95/46/EC

Global PCI/DSS

US - HIPAA

US - Gramm-Leach-Bliley Act

UK Coroners and Justice Bill

California Security Breach Notification Act

Massachusetts Encryption Mandate

US-Sarbanes-Oxley Act, Section 404

US-21 CFR Part 11

US Department of Defense (DOD) 5015.2

US Securities and Exchange (SEC) Act Rules 17a-3 4 (17 CFR 240,17a-3,4)

German BDSG - regulation on personal

US - Consumer Product Safety Improvement Act

US – RoHS (Restriction of use of Hazardous material)

US – WEEE (Waste Electrical & Electronic Equipment)

Page 19: Closing Compliance Gap

SEEBURGER BUSINESS INTEGRATION SUITE

How is SEEBURGER helping best run companies to close the compliance gap in file exchange?

Page 20: Closing Compliance Gap

SEEBURGER Business Integration Suite

[Diagram: SEEBURGER Business Integration Suite. Labels shown: Integration Platform; B2B / MFT / EDI; Document Automation (Paper, TIF, PDF, …); Application Integration (Web, SOA); Event Management (Sensors, Barcode, …); Gateways; SEEBURGER Business Integration Server (BIS); End-to-End Monitoring; Your Company; SAP Solution Extensions (Order-to-Cash, Purchase-to-Pay, B2B/SCM Monitor); Customers; Suppliers; Shipping/Logistics; Cloud.]

Page 22: Closing Compliance Gap

SEEBURGER Managed File Transfer Solution – Components

Components shown: SEE Adapter, SEE LINK, SEE FX

Groupings shown: Managed Integration, Managed Collaboration

Component descriptions:

• End point client to connect any system in the network, any file type, any operating system and any file size supported

• Application and protocol specific interface to integrate applications via various standard protocols (FTP, SFTP, HTTP(s), ...)

• Human to Human, Human to System and Ad Hoc large file exchange. Integrated with popular Email system for ease of use

Base Functions

Governance

Policy Management

Multi-OS & A2A support

End-to-End-Visibility

Checkpoint & Restart

Content filtering

Event & Activity Management

Reporting & Administration

Management & measurement

[Diagram labels: Application; Adapter; Application; SEE LINK; SEE LINK; Systems]

End Point Provisioning

Secure multiprotocol communication

Process control & automation

Page 23: Closing Compliance Gap

SEEBURGER MFT Helps You Become Compliant

Core compliance aspects met with SEEBURGER Managed File Transfer solutions:

Dual Control and Role-Based Access Controls

Secure Login (SSL) and Unique Session Token

Password Strength and Expiry Enforcement

Alerting and Event Notification

Event Auditing and Log Aggregation (SYSLOG)

Protected Data in Motion (AS2 and Secure FTP)

Protected Data at Rest (PGP and File Encryption Adapter)

Protected Application Metadata (Database and Files)

SQL and JavaScript Injection Prevention

Modular Design Fits Secure Network Model

Secure File Transfer via Email

ICAP Interface Compatible with Spam Blocker and DLP

PII/PHI

Page 24: Closing Compliance Gap

Polling Question #3

Which of the following best describes your company policies regarding data security?

− Policies are clearly defined and strictly enforced

− General guidelines exist but are loosely enforced

− Policies vary from department to department and application to application

− I am unaware of policies regarding the transfer of unstructured files

Page 25: Closing Compliance Gap

SEEBURGER Solution Portfolio for specific industries

B2B Packaged Solution Automotive, CPG/Retail and other industries

– the standardized and pre-configured B2B Solution for your industry

SAP Solution Extension B2B/SCM Monitor

– SAP embedded and tightly integrated Best Practice B2B Solution for cross-company, cross-system end-to-end monitoring providing total visibility across the entire supply chain for SAP users

SAP Solution Extension Order-to-Cash

– SAP embedded and tightly integrated Best Practice B2B Solution for seamless automation of “order to cash” processes (from receipt of order through delivery to invoicing)

Logistic Solution Professional

– Standardized Logistic Solution packaged for automotive industry.

iMartOne

– WebEDI portal designed for your CPG industry: central internet portal for the electronic exchange of business data between consumer goods manufacturers, suppliers and retailers

Solution Portfolio Automotive

Solution Portfolio CPG/Retail

Page 26: Closing Compliance Gap

Questions??