Gamma Survey Shows Despite Worries Over Protecting Sensitive Data, Companies are Ill-Prepared to Secure Confidential Information
WOODLAND HILLS, Calif.– LAWFUEL – The US Legal Newswire –Gamma Enterprise Technologies, creator of InfoShuttle® and a leading global provider of application data management software solutions for companies running SAP® applications, today announced the results of a survey of SAP users worldwide about their methods of protecting sensitive data in non-production environments. The results of this survey highlight the vulnerabilities of highly confidential information and raise questions on current strategies to protect this data.
Exposure of Sensitive Data in Non-Production Environments
The survey shows that nearly 70 percent of the 175 respondents across 23 countries are worried about the overall exposure of sensitive data in non-production environments. Of these respondents, over three-quarters are apprehensive about the security of their employee and customer records. Over 80 percent are fearful about the security of financial transaction documents and just over half see the protection of sales and purchase orders as a concern.
Yet despite this fact, most survey participants have no plans to increase protection practices to better secure this data in development and test settings. In fact, two-thirds of survey respondents say their organizations do not plan to manage the issue by implementing third party data security solutions. Most say their organizations rely on in-house “home-grown” solutions (30 percent), which provide basic masking for some sensitive data fields or SAP’s standard security measures (64 percent), which are typically used to provide access control for SAP production systems.
With reports showing that over 167 million data records with sensitive personal information have been compromised in the past two years alone (and those are only the reported cases), security is of the utmost concern across all industries. Because non-production environments leverage “real data” to test applications, they house some of the most classified information in an organization — including employee records, customer records, and financial transaction documents. Yet, non-production environments are generally exposed with little or no logging and monitoring, and these systems are often made available for remote access, and as a result, they are difficult to secure.
Furthermore, typical control practices in development and test environments (people, process and technology) tend to be a fraction of what is practiced within production environments. The sobering results of Gamma’s survey reveal that while organizations have real fears of security breaches at the application development level, most don’t have the right solutions and practices in place to ensure protection.
In order to effectively address data leakage in SAP development and test environments, Gamma is working to educate the industry on steps organizations can take to secure their data. Gamma has collaborated with data security expert and former Symantec VP of Information Security and Business Strategy, Louis Carpenito CISSP, CISM to create a whitepaper on “Information Security Best Practices for Data Protection in Development and QA Environments.”
In addition to Gamma’s educational efforts, the company provides a leading data security solution for non-production environments. Gamma’s InfoShuttle Data Security enables organizations to use, customize and create sophisticated rules for masking or obfuscating sensitive information that has been moved into development, testing, training and sandbox environments.
InfoShuttle Data Security goes beyond basic security measures to ensure sensitive data is fully obfuscated in non-production clients. The Gamma solution provides multiple technologies to obfuscate data, such as key swapping to manipulate the key fields of high visibility master records and associated documents. InfoShuttle Data Security is the only solution that can obfuscate an entire client, changing both master and transactional records in data tables throughout the client and processing up to billions of records.
Beyond meeting legal requirements imposed by data privacy regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley requirements, InfoShuttle Data Security can lower exposure to legal costs incurred in defending lawsuits by avoiding circumstances where sensitive data is lost, stolen or inappropriately accessed and used for illegal purposes.
For more information on InfoShuttle Data Security please visit: http://www.getgamma.com/pro_ds.html.
About Gamma Enterprise Technologies
Gamma is a leading global provider of application data management software solutions for companies running SAP applications. The company’s InfoShuttle® application data management solutions deliver a flexible and efficient environment to provision, manage and secure data. Gamma applications have achieved SAP Certified Integration and Powered by SAP NetWeaver® status. Using solutions from Gamma, organizations can provide the right data to the right people at the right time.
With over ten years of experience, Gamma’s application data management solutions are deployed throughout some of the largest corporations in the world. Gamma solutions enable customers to minimize the time, risk and expense associated with building and deploying applications so that they can be more productive, competitive and compliant.
Headquartered in Woodland Hills, Calif., Gamma has offices and affiliates serving North and South America, Europe, the Middle East, Africa, and Asia Pacific. For more information, please visit www.getgamma.com.
InfoShuttle is a registered trademark of Gamma Enterprise Technologies, Inc.
SAP, SAP NetWeaver and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world.