infrastructure for the digital world - fujitsu.com · by 2021, cyber insurance payouts reach $1...

27
0 Copyright 2017 FUJITSU #FujitsuWorldTour Infrastructure for the Digital World Fujitsu World Tour 2017 #FujitsuWorldTour

Upload: truonghuong

Post on 29-May-2019

217 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

0 Copyright 2017 FUJITSU

#FujitsuWorldTour

Infrastructure for the Digital World

Fujitsu World Tour 2017

#FujitsuWorldTour

Page 2: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

1 Copyright 2017 FUJITSU

La potenza dei dati è nulla senza controllo: la Secure Autentication come valore aggiunto delle architetture SAP HANA per la Digital Co-Creation

Antonio Gentile

SAP Business Development Manager

Fujitsu Italia

Salvatore De Caro

SAP HANA Platform Architect

SAP Italia

Page 3: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

2 Copyright 2017 FUJITSU

Digital Waves

Page 4: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

3 Copyright 2017 FUJITSU

The potential economic impact of IoT

http://www.mckinsey.com/insights/business_technology/the_internet_of_things_the_value_of_digitizing_the_physical_world

Page 5: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

4 Copyright 2017 FUJITSU

Hacking & Cyber-Fraud

Hackers have evolved to steal data, transfer funds or cause targeted damages.

SAP passwords are not encrypted by default – user

name and password credentials can easily be obtained by hackers.

Authentication is only done once at log-on - there is no re-authentication during a work session.

Although the statistics shown are overall costs due to all types of incidents, those associated with SAP can be drastically reduced.

Source: http://www.ponemon.org/library/2014-global-report-on-the-cost-of-cyber-crime

Average annualized cost of cyber-fraud and hacking per

organization

$12.7M in 2014

Page 6: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

5 Copyright 2017 FUJITSU

With Fujitsu’s PalmSecure technology, people can confirm their identity by scanning their unique palm vein pattern. Security no longer revolves around authenticating passwords; it’s all about authenticating people.

It simplifies procedures, reduces costs and, most importantly, increases security.

The Answer to Security is in the Palm of Your Hands

5

Position hand

over sensor

Sensor focuses &

detects live hand

Hand is scanned

with near-infrared

light and vein

patterns

are captured

Hand veins are recorded and

compared with pattern stored

either locally (e.g. SmartCard)

or in a database

How palm vein security works

Page 7: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

6 Copyright 2017 FUJITSU

Deep Security for SAP

SA

P P

LM

SA

P S

RM

SA

P S

CM

SA

P E

RP

SA

P C

RM

Ind

ustr

y

Com

pl.

NW-VSI SAP NetWeaver

LINUX OS

Servers & VMs

Storage

Network

NW-VSI 2.0

Deep Security

NW-VSI 2.0 API

• SAP Content Security

• Active Content Protection

• Anti Malware (SAP)

• Anti-Malware (OS)

• Web-Reputation

• Firewall

• Intrusion Prevention

• Integrity Monitoring

• Log Inspection

Server

Security

Deep Security

For SAP

Page 8: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

7 Copyright 2017 FUJITSU

SAP Secure Operations Map

Page 9: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

8 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Can’t See Value in Your Business Data? The Bad Guys Can …

By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies adopt them.

By 2018, ransomware attacks on healthcare providers double.

By 2023, 50% of WW retailers (75% of U.S. retailers) engage service providers to monitor their network and cloud networks for ongoing and future threats through security as a service subscriptions and outsourced services.

IDC, Nov. 2016

Page 10: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

9 Copyright 2017 FUJITSU

Finance Transactions in SAP S4/HANA

… user can edit invoice amounts.

Without bioLock™ … … user can execute

financial transactions without limit on the amount.

… no audit data will be recorded.

… there is no accountability for the user.

… traditional SAP user roles cannot control this.

Page 11: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

10 Copyright 2017 FUJITSU

Finance Transactions in SAP S4/HANA

With bioLock™ …

… permitted with restrictions

… logged in a tamper-proof audit file.

… prevented

… access, viewing and/or changes to this data will be …

or and

Page 12: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

11 Copyright 2017 FUJITSU

PS bioLock for SAP

Software bioLock

■ Control and monitoring of SAP applications by customer defined checkpoints with re-authentication

■ The only biometric SAP protection application and SAP certified ■ Adjustable to screen and field level ■ Login data never forwarded ■ Companies: highest level of security for SAP applications ■ Powered by Realtime US

Secured usage of SAP applications

■ Fraud prevention

■ Data control

■ Controlled authorized financial transactions

■ Process logging and monitoring of SAP transactions

■ Individually secured processes e.g.

■ Finance transactions ■ Personnel data ■ Customers lists ■ ...

PA

LM S

EC

UR

E

Page 13: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

12 Copyright 2017 FUJITSU

Benefits of realtime bioLock™ for use with SAP S4/HANA – powered by Fujitsu PalmSecure

Secured and audit proofed evidence of

transactions

Protecting and controlling of data and transactions

Easy integration into existing infrastructure

Easy and practicable for users, hygienic,

high user acceptance

Page 14: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

13 Copyright 2017 FUJITSU

Palm Secure BioLock SAP S4/HANA

Page 15: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

14 Copyright 2017 FUJITSU

Summary - Fraud Prevention

No matter what your industry, biometric re-authentication at granular levels is the key to dramatically improving your security in SAP.

Whether Finance, HR, Sales, Operations or other, use PalmSecure and bioLock™ to prevent fraud in SAP.

The realtime bioLock™ for use with SAP S4/HANA – powered by Fujitsu PalmSecure Biometric Identity Management & Credentialing Software lets you combat fraud in all areas including purchasing, payroll, inventory, retail POS and many more…

Aerospace & Defense

Automotive

Banking

Chemicals

Consumer Products

Defense & Security

Engineering, Construction, and Operations

Healthcare

Higher Education & Research

High Tech

Industrial Machinery & Components

Insurance

Life Sciences

Media

Mill Products

Mining

Oil and Gas

Professional Services

Public Sector

Retail

Telecommunications

Transportation & Logistics

Utilities

Wholesale Distribution

Page 16: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

15 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

SAP HANA Platform The in-memory data platform for digital business

DATABASE MANAGEMENT

Web Server JavaScript

Graphic Modeler

Data Virtualization ELT & Replication

Columnar OLTP+OLAP

Multi-Core & Parallelization

Advanced Compression

Multi-tenancy Multi-Tier Storage

Graph Predictive Search

Data Quality

Series Data

Business Functions

Hadoop & Spark Integration

Streaming Analytics

Application Lifecycle Management

High Availability & Disaster Recovery

Openness Data Modeling

Admin & Security

Remote Data Sync

Spatial

Text Analytics

Fiori UX

ALM

</>

APPLICATION DEVELOPMENT DATA INTEGRATION & QUALITY ADVANCED ANALYTICAL PROCESSING

SAP, ISV and Custom Applications

All Devices

OLTP + OLAP ONE Open Platform ONE Copy of the Data

S A P H A N A P L A T F O R M

Page 17: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

16 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Manage secure data access and keep your systems protected

SAP HANA provides a comprehensive security framework

✔ Securely run SAP HANA in a variety of environments

✔ Meet increasing regulatory and compliance requirements

✔ Easily configure, manage and monitor security

✔ Keep up to date with relevant security updates

Page 18: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

17 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Manage secure data access and keep your systems protected

Transport/data encryption User/role

management

Secure

development

Secure

configuration

Authentication

Single sign-on

Audit logging

Page 19: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

18 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Comprehensive encryption

SAP HANA

Application

encryption

Key

management

Encryption

management

Backup

encryption

Data at rest

encryption

Communication

encryption

Page 20: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

19 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Da

ta C

en

ter

Security infrastructure integration

SAP HANA supports industry standards and documented interfaces to enable integration with the customers’ security network and datacenter infrastructures

Identity management • Connector for SAP Identity Management, SQL interface for integration with other identity management solutions

• Integration with LDAP for role assignment

Compliance • Connector for SAP Access Control

Single Sign-On • E.g. for Microsoft Active Directory

Logging • Standard logging infrastructures (Linux syslog)

Threat detection • SAP Enterprise Threat Detection support

Antivirus • XS antivirus interface

Logging syslog

Single Sign-On Kerberos

SAML

SAP HANA

Identity Management SQL

Compliance SQL

XS NW-VSI

compatible Antivirus

Threat Detection Log data

Page 21: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

20 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

SAP secure software development lifecycle

At the core of SAP’s development processes is a comprehensive security strategy

Secure software development lifecycle (secure SDL)

• Comprehensive framework of processes, guidelines, tools and staff training

• Ensures that security is an integral component of the architecture, design, and implementation of SAP solutions

• Risk-based approach, uses threat-modeling and security risk assessment methods

• Comprehensive security testing with automated and manual tests

• See SAP Security @ http://www.sap.com/security

Page 22: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

21 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Security patches

Keep up to date by installing the latest security patches and monitoring SAP security notes

Monthly SAP Security Patch Day

• SAP security notes contain information on the affected application areas and specific measures that protect against the exploitation of potential weaknesses

• See also http://support.sap.com/securitynotes and SAP Security Notes – Frequently asked questions

Security improvements/corrections ship with SAP HANA revisions

• Installed using SAP HANA’s lifecycle management tools

• See also SAP Note 2021789 – SAP HANA revision und maintenance strategy

Operating system patches • Provided by the respective vendors SuSE/Redhat

Page 23: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

22 Copyright 2017 FUJITSU © 2017 SAP SE or an SAP affiliate company. All rights reserved.

Need more information on SAP HANA security?

Read the SAP HANA security whitepaper

Check out our security website http://hana.sap.com/security

Page 24: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

23 Copyright 2017 FUJITSU 23

THERE‘S A

TIME FOR

SECURITY.

AND IT‘S

ALWAYS

NOW.

Run Simple SECURITY IS LIVE | Learn more at hana.sap.com/security

Page 25: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

27 Copyright 2017 FUJITSU

#FujitsuWorldTour

Page 26: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

28 Copyright 2017 FUJITSU

Agenda

14.00 Datacenter Co-creation Experience: architetture iperconvergenti e software-defined per un Datacenter agile, scalabile e sicuro- Il caso di successo di ConTe.it

• Paolo Perrucci , IT Transformation Manager, ConTe.it

• Danilo Salladini , Business Development Manager HyperConverged & Integrated DC Solutions, Fujitsu Italia

14.45 Proteggere le informazioni: dalla moderna Data Protection alle linee guida per il GDPR

• Andrea Sappia – Sales Consultant Manager – Fujitsu Italia

15.30 La potenza dei dati è nulla senza controllo: la Secure Autentication come valore aggiunto delle architetture SAP HANA per la Digital Co-Creation

• Antonio Gentile, SAP Business Development Manager, Fujitsu

• Salvatore De Caro, SAP HANA Platform Architect, SAP Italia

16.15 Fine lavori – coffe break

Page 27: Infrastructure for the Digital World - fujitsu.com · By 2021, cyber insurance payouts reach $1 billion worldwide (20% CAGR) as cyber policies become more formalized and more companies

29 Copyright 2017 FUJITSU

#FujitsuWorldTour