closing compliance gap

Post on 07-Dec-2014


- 1 - © SEEBURGER AG 2011

• Are you vulnerable?

• Are you compliant?

• Do you know what, when, to whom and by whom sensitive SAP data is sent outside the company?

Closing the Compliance Gap in File Exchange


© 2011 Forrester Research, Inc. Reproduction Prohibited 3 © 2009 Forrester Research, Inc. Reproduction Prohibited

The Increasing Importance of MFT

Ken Vollmer

Principal Analyst

Forrester Research

4 Entire contents © 2009 Forrester Research, Inc. All rights reserved.

Interest in MFT is skyrocketing!

• The number of client inquiries on MFT has soared since 2009

– An increase of over 300% comparing 2009 to 2011

• Typical questions:

– Who are the leading MFT providers?

– What features should we look for in an MFT solution?

• What is driving this increased level of interest?


Increasing number of compliance regulations

• Increasing number of legal requirements to protect data

• US examples

– HIPAA

• Designed to protect the privacy of patient data

– Sarbanes/Oxley

• Designed to ensure the authentication of financial reports

• European examples

– Basel II

• Specific rules covering managed file transfers

– European Union Data Protection Directive

• Protection of personal information


High Visibility Security Failures

• Examples

– Frequent reports of compromised customer account information

– Recent WikiLeaks exposures of sensitive government documents

• These lapses have significantly increased the awareness of related risks on the part of CEOs and auditors


Polling Question #1

• Which of the following objectives is most relevant for your organization?

– Adherence to data security policies/mandates for governance or compliance

– Reduction of disparate FTP processes

– Compliance with new trading partner security requirements (i.e. banking)

– Controlling the amount of data taxing e-mail servers


Source: Q4 2009 Global EDI/B2B Survey

Base: 300 Senior IT Managers from North America, EMEA and Asia Pacific regions

Business Issues Driving Need For Improvement

“How important are the following business issues in driving your need for improved ability for interacting with your trading partners?”


Source: Q4 2009 Global EDI/B2B Survey

Base: 232 Senior IT Managers from North America, EMEA and Asia Pacific regions within enterprises planning on upgrading its capability to exchange information more effectively with external business partners

Focus of planned B2B improvements

“Which issues will be your highest priority for planned improvements.”

MFT Reference Architecture Model

[Diagram. Labels recoverable from the figure, in extraction order: Quality of Service, Reliability, Operational, Security, Scalability, User Provisioning, Core Features, Protocol Support, Architecture, Operational Flexibility, Performance, Security, Administration, Profile Management, Policy Management, Auditability, Mobility, Admin & Governance, Deployment Models, Platform Independence, Visibility, Business Monitoring, Technical Monitoring, Alert Capability, Logging, Reporting, Scheduling, Ease of Use, SLA Mgmt, Workflow, Certificate Management, Data Security]


Annual MFT Revenue Projections


Closing the Compliance Gap in File Exchange

With SEEBURGER Managed File Transfer


SEEBURGER at a Glance

Leading: Ranked as global leader for business integration by independent analysts (i.e. Gartner and Forrester)

Globally Successful: 19 worldwide offices & 8,500 customers from various industries

Independent, profitable and growing since 1986

Focused on vertical industries and standards

SAP®: SEEBURGER’s Partner for SAP PI Adapters

600 Joint Customers Worldwide


What is the problem and why?

What are best run companies doing globally?


Best Run Companies are focused on:

Cost Reduction via Consolidation

Drive Core Revenue (Innovation) via Modernization

Reducing Risk by ensuring Data Security and Compliance

Regardless of Vertical Industry – every CIO is focused on the above business drivers


Cost Reduction via Consolidation

Drive Core Revenue (Innovation) via Modernization

Reducing Risk via Data Security and Compliance

But Legacy problems with B2B/FTP landscapes exist…

Disparate, fragmented, siloed systems

Legacy applications with patch upgrades

Inconsistent governance & visibility


Polling Slide #2

At your company, what is the most commonly used method for moving large files from one system or individual to another?

− E-mail

− Shared folders on an internal network

− Managed File Transfer solution

− Individual FTP processes

− USB thumb drive device


EU Directive 95/46/EC

Global PCI/DSS

US - HIPAA

US - Gramm-Leach-Bliley Act

UK Coroners and Justice Bill

California Security Breach Notification Act

Massachusetts Encryption Mandate

US-Sarbanes-Oxley Act, Section 404

US-21 CFR Part 11

US Department of Defense (DOD) 5015.2

US Securities and Exchange (SEC) Act Rules 17a-3 4 (17 CFR 240,17a-3,4)

German BDSG - regulation on personal

US - Consumer Product Safety Improvement Act

US – RoHS (Restriction of use of Hazardous material)

US – WEEE (Waste Electrical & Electronic Equipment)


SEEBURGER BUSINESS INTEGRATION SUITE

How is SEEBURGER helping best run companies to close the compliance gap in file exchange?


SEEBURGER Business Integration Suite

[Diagram. Labels recoverable from the figure: Integration Platform; B2B / MFT / EDI; Document Automation (Paper, TIF, PDF, …); Application Integration (Web, SOA); Event Management (Sensors, Barcode, …); Gateways; SEEBURGER Business Integration Server (BIS); End-to-End Monitoring; Your Company; SAP Solution Extensions (Order-to-Cash, Purchase-to-Pay, B2B/SCM Monitor); Customers; Suppliers; Shipping/Logistics; Cloud]


Managed Integration

SEEBURGER Managed File Transfer Solution – Components

SEE Adapter

End point client to connect any system in the network, any file type, any operating system and any file size supported

Application and protocol specific interface to integrate applications via various standard protocols (FTP, SFTP, HTTP(s), ...)

Human to Human, Human to System and Ad Hoc large file exchange. Integrated with popular Email system for ease of use

Base Functions

Governance

Policy Management

Multi-OS & A2A support

End-to-End-Visibility

Checkpoint & Restart

Content filtering

Event & Activity Management

Reporting & Administration

Management & measurement

SEE LINK

SEE FX

[Diagram labels: Application, Adapter, SEE LINK, Systems]

End Point Provisioning

Secure multiprotocol communication

Process control & automation

Managed Collaboration


SEEBURGER MFT Helps You Become Compliant

Core compliance aspects met with SEEBURGER Managed File Transfer solutions:

Dual Control and Role-Based Access Controls

Secure Login (SSL) and Unique Session Token

Password Strength and Expiry Enforcement

Alerting and Event Notification

Event Auditing and Log Aggregation (SYSLOG)

Protected Data in Motion (AS2 and Secure FTP)

Protected Data at Rest (PGP and File Encryption Adapter)

Protected Application Metadata (Database and Files)

SQL and JavaScript Injection Prevention

Modular Design Fits Secure Network Model

Secure File Transfer via Email

ICAP Interface Compatible with Spam Blocker and DLP

PII/PHI


Polling Question #3

Which of the following best describes your company policies regarding data security?

− Policies are clearly defined and strictly enforced

− General guidelines exist but are loosely enforced

− Policies vary from department to department and application to application

− I am unaware of policies regarding the transfer of unstructured files


SEEBURGER Solution Portfolio for specific industries

B2B Packaged Solution Automotive, CPG/Retail and other industries

– the standardized and pre-configured B2B Solution for your industry

SAP Solution Extension B2B/SCM Monitor

– SAP embedded and tightly integrated Best Practice B2B Solution for cross-company, cross-system end-to-end monitoring providing total visibility across the entire supply chain for SAP users

SAP Solution Extension Order-to-Cash

– SAP embedded and tightly integrated Best Practice B2B Solution for seamless automation of “order to cash” processes (from receipt of order through delivery to invoicing)

Logistic Solution Professional

– Standardized Logistic Solution packaged for automotive industry.

iMartOne

– WebEDI portal designed for your CPG industry: central internet portal for the electronic exchange of business data between consumer goods manufacturers, suppliers and retailers

Solution Portfolio Automotive

Solution Portfolio CPG/Retail


Questions??
