View
685
Download
0
Category
Preview:
DESCRIPTION
Citation preview
- 1 - © SEEBURGER AG 2011
• Are you vulnerable?
• Are you compliant?
• Do you know what, when, to whom and by who
sensitive SAP data is sent outside the company?
Closing the Compliance Gap in
File Exchange
Webcast Logistics
Got Flash? http://get.adobe.com/flashplayer
to download.
© 2011 Forrester Research, Inc. Reproduction Prohibited 3 © 2009 Forrester Research, Inc. Reproduction Prohibited
The Increasing Importance of MFT
Ken Vollmer
Principal Analyst
Forrester Research
4 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Interest in MFT is skyrocketing!
• The number of client inquiries on MFT has soared since 2009
– An increase of over 300% comparing 2009 to 2011
• Typical questions:
– Who are the leading MFT providers?
– What features should we look for in an MFT solution?
• What is driving this increased level of interest?
5 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Increasing number of compliance regulations
• Increasing number of legal requirements to protect data
• US examples
– HIPAA
• Designed to protect the privacy of patient data
– Sarbanes/Oxley
• Designed to insure the authentication of financial reports
• European examples
– Basel II
• Specific rules covering managed file transfers
– European Union Data Protection Directive
• Protection of personal information
6 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
High Visibility Security Failures
• Examples
– Frequent reports of compromised customer account information
– Recent WikiLeaks exposures of sensitive government documents
• These lapses have significantly increased the awareness of related
risks on the part of CEO’s and auditors
7 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Polling Question #1
• Which of the following objectives is most relevant for your
organization?
– Adherence to data security policies/mandates for governance or
compliance
– Reduction of disparate FTP processes
– Compliance with new trading partner security requirements (i.e. banking)
– Controlling the amount of data taxing e-mail servers
8 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Source: Q4 2009 Global EDI/B2B Survey
Base: 300 Senior IT Managers from North America, EMEA and Asia Pacific regions
Business Issues Driving Need For Improvement “ How important are the following business issues in driving your need for improved ability
for interacting with your trading partners?”
9 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Source: Q4 2009 Global EDI/B2B Survey
Base: 232 Senior IT Managers from North America, EMEA and Asia Pacific regions within enterprises planning on upgrading its
capability to exchange information more effectively with external business partners
Focus of planned B2B improvements “Which issues will be your highest priority for planned improvements.”
MFT Reference Architecture Model
Quality of
Service
Reliability
Operational
Security
Scalability
User Provisioning
Core Features
Protocol Support
Architecture
Operational
Flexibility Performance
Security
Administration
Profile
Management
Policy
Management
Auditability
Mobility
Admin &
Governance
Deployment
Models
Platform
Independence
Visibility
Business
Monitoring
Technical
Monitoring
Alert
Capability
Logging Reporting
Scheduling
Ease of Use
SLA Mgmt
Workflow
Certificate
Management
Data Security
11 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Annual MFT Revenue Projections
12 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
Closing the Compliance Gap in File Exchange
With SEEBURGER Managed File Transfer
- 13 - © SEEBURGER AG 2011
SEEBURGER at a Glance
Leading: Ranked as Global leader for Business Integration by Independent analyst
(i.e. Gartner and Forrester)
Globally Successful: 19 worldwide offices & 8,500 customers from various industries
Independent, profitable and growing since 1986
Focused on vertical industries and standards
SAP®:
SEEBURGER’s
Partner for SAP PI
Adapters
600 Joint
Customers
Worldwide
- 14 - © SEEBURGER AG 2011
What is the problem and why?
What are best run companies
doing globally?
- 15 - © SEEBURGER AG 2011
Cost Reduction via Consolidation
Best Run Companies are focused on:
Drive Core Revenue (Innovation) via Modernization
Reducing Risk by ensuring Data Security and Compliance
Regardless of Vertical Industry – every CIO is focused on the above business drivers
- 16 - © SEEBURGER AG 2011
Cost Reduction via Consolidation
Drive Core Revenue (Innovation) via Modernization
Reducing Risk by via Data Security and Compliance
But Legacy problems with B2B/FTP landscapes exist…
Disparate, fragmented, siloed systems
Legacy applications with patch upgrades
Inconsistent governance & visibility
- 17 - © SEEBURGER AG 2011
Polling Slide #2
At your company, what is the most commonly used method for moving large files from one
system or individual to another?
− Shared folders on an internal network
− Managed File Transfer solution
− Individual FTP processes
− USB thumb drive device
- 18 - © SEEBURGER AG 2011
EU Directive 95/46/EC Global
PCI/DSS
US - HIPAA
US - Gramm-
Leach-Bliley Act
UK Coroners and Justice Bill
California Security Breach Notification Act
Massachusetts Encryption Mandate
US-Sarbanes-Oxley Act, Section 404
US-21 CFR Part 11
US Department of Defense (DOD) 5015.2
US Securities and Exchange (SEC) Act
Rules 17a-3 4 (17 CFR 240,17a-3,4)
German BDSG - regulation on personal
US - Consumer Product Safety
Improvement Act
US – RoHS (Restriction of use of
Hazardous material)
US – WEEE (Waste Electrical &
Electronic Equipment)
19 Entire contents © 2009 Forrester Research, Inc. All rights reserved.
SEEBURGER BUSINESS INTEGRATION SUITE
How is SEEBURGER helping best run companies to close the compliance gap in file exchange?
- 20 - © SEEBURGER AG 2011
SEEBURGER Business Integration Suite
Integration Platform
B2B / MFT / EDI
Document Automation
Paper, TIF, PDF, …
Application Integration Web, SOA
Event Management Sensors, Barcode, …
Ga
tew
ays
SEEBURGER Business Integration Suite
SEEBURGER
Business
Integration
Server (BIS)
End-to-End Monitoring
Your Company
SAP Solution
Extensions
Order-to-Cash
Purchase-to-
Pay
B2B/SCM
Monitor
Customers
Suppliers
Shipping/Logistics
Cloud
- 21 - © SEEBURGER AG 2011
SEEBURGER Business Integration Suite
Integration Platform
B2B / MFT / EDI
Document Automation
Paper, TIF, PDF, …
Application Integration Web, SOA
Event Management Sensors, Barcode, …
Ga
tew
ays
SEEBURGER Business Integration Suite
SEEBURGER
Business
Integration
Server (BIS)
End-to-End Monitoring
Your Company
SAP Solution
Extensions
Order-to-Cash
Purchase-to-
Pay
B2B/SCM
Monitor
Customers
Suppliers
Shipping/Logistics
Cloud
- 22 - © SEEBURGER AG 2011
Managed Integration
SEEBURGER Managed File Transfer Solution – Components
SEE Adapter
End point client to connect
any system in the network,
any file type, any operating
system and any file size
supported
Application and protocol
specific interface to integrate
applications via various
standard protocols (FTP, SFTP,
HTTP(s), ...)
Human to Human, Human
to System and Ad Hoc large
file exchange. Integrated
with popular Email system
for ease of use
Base Functions
Governance
Policy Management
Multi-OS & A2A
support
End-to-End-Visibility
Checkpoint & Restart
Content filtering
Event & Activity Management
Reporting & Administration
Management & measurement
SEE LINK SEE FX
Application
Adapter
Application
SEE
LINK
SEE
LINK
Systems
End Point Provisioning
Secure multiprotocol
communication
Process control & automation
Managed Collaboration
- 23 - © SEEBURGER AG 2011
SEEBURGER MFT Helps You Become Compliant
Dual Control and Role-Based Access Controls
Secure Login (SSL) and Unique Session Token
Password Strength and Expiry Enforcement
Alerting and Event Notification
Event Auditing and Log Aggregation (SYSLOG)
Protected Data in Motion (AS2 and Secure FTP)
Protected Data at Rest (PGP and File Encryption Adapter)
Protected Application Metadata (Database and Files)
SQL and JavaScript Injection Prevention
Modular Design Fits Secure Network Model
Secure File Transfer via Email
ICAP Interface Compatible with Spam Blocker and DLP
Core compliance aspects met with SEEBURGER Managed File Transfer solutions:
PII/PHI
- 24 - © SEEBURGER AG 2011
Polling Question #3
Which of the following best describes your company policies regarding data security?
− Policies are clearly defined and strictly enforced
− General guidelines exist but are loosely enforced
− Policies vary from department to department and application to application
− I am unaware of policies regarding the transfer of unstructured files
- 25 - © SEEBURGER AG 2011
SEEBURGER Solution Portfolio for specific industries B2B Packaged Solution Automotive, CPG/Retail and other
industries
– the standardized and pre-configured B2B Solution for your industry
SAP Solution Extension B2B/SCM Monitor
– SAP embedded and tightly integrated Best Practice B2B Solution
for cross-company, cross-system end-to-end monitoring providing
total visibility across the entire supply chain for SAP user
SAP Solution Extension Order-to-Cash
– SAP embedded and tightly integrated Best Practice B2B Solution
for seamless automation of “order to cash” processes (from receipt
of order through delivery to invoicing)
Logistic Solution Professional
– Standardized Logistic Solution packaged for automotive industry.
iMartOne
– WebEDI portal designed for your CPG industry- central internet
portal for the electronic exchange of business data between
consumer goods manufacturers, suppliers and retailers
Solution
Portfolio
Automotive
Solution
Portfolio
CPG/Retail
- 26 - © SEEBURGER AG 2011
Questions??
Recommended