Security risk as a USB stick – This is how SAP customers protect themselves against data loss and malware

Company-wide security concepts and automated user control required

The current headlines about the discovery of a USB stick with unencrypted data on surveillance cameras, escape routes and police patrols of Heathrow Airport in the streets of London clearly show what can happen when such sensitive information falls into the wrong hands. [1] And that happens much faster than you think. According to a study commissioned by the American Cimouting Technology Industry Association (CompTIA), every fifth person who finds a foreign medium takes it and ties it to their computer without hesitation. According to a study of the American University in Illinois, 69 percent of the finders before the opening of the media and files no security precautions. [2] This gives viruses and spyware free access to their devices and, in times of modern work practices such as Bring Your Own Device (BYOD), jeopardizes not only their IT security but that of their employer.

This allows companies to minimize security risk

The basis for effective protection is a far-reaching security concept with a sophisticated set of measures that includes the awareness and training of employees. This is confirmed by a recent article from Computerwoche. [2] Most importantly, users should be clear about what exactly to do in which scenario and who to contact. Which company-internal data can be stored to what extent on external data carriers? How should employees behave when they find abandoned USB sticks in public places?

After these questions have been implemented in an enterprise-wide policy, there is only one question left: Which software solutions can be used to support data that is needed outside the organization? Most large and medium-sized businesses store sensitive data, such as confidential financial information or personal information in SAP. So they are safe at first glance. At second glance, however, it becomes clear that SAP data can also be transferred quickly and unnoticed to external data carriers via export functions. With HALOCORE, SECUDE offers an intelligent software solution that controls the export of data from the SAP systems. On the basis of a company-wide data classification, the rights for data exports from SAP can be determined individually, the download of especially sensitive data can be limited and a clear follow-up of all data transactions can be carried out. Working closely with Microsoft also ensures that common office applications recognize and automatically apply the security classifications of each file.

Data that has been exported to an Excel file by users and saved on an external data medium can not be opened by SECUDE solutions by third parties. Combined with the on-board resources of SAP and professional antivirus software, this provides effective protection – both for accidental data loss caused by a lost USB stick and for hacker attacks via malware.


[1] Message about the USB-Stick-Found in London
[2] Studies on finder behavior and strategic approaches to data security