Protecting IP and Ensuring Compliance in Global Product Collaboration

Similar documents
Attribute Based Access Control for SAP

Entitlement Management

Title: HP OpenView Configuration Management Overview Session #: 87 Speaker: Loic Avenel Company: HP

Take Identity and Access Management to the Next Level Securely. Matthew Pecorelli

Optimize New Product Development. Presenter s Name Presenter s Title

KNOWLEDGE BRIEF. MIC Customs Solutions Is Recognized As the Technology Leader in the Global GTM Market by Quadrant Knowledge Solutions

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

Dynamic Enterprise Performance Management

POWERFUL END TO END PLM IN THE PTC CLOUD

LEADERSHIP INSIGHTS: PRODUCTIVITY AND INNOVATION

Introduction to SAP. SAP University Alliances Author Stefan Weidner Babett Koch Chris Bernhardt. Product SAP ERP 6.0 EhP4.

AV-19 Enterprise Workflow & Avantis

Leadership Insights: Productivitiy and Innovation. Folia Grace, VP Application Product Marketing November, 2011

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

Windchill : Managing the complete product lifecycle from concept to service

DATA SHEET RSA IDENTITY GOVERNANCE & LIFECYCLE SERVICES ACCELERATE TIME-TO-VALUE WITH PROFESSIONAL SERVICES FROM RSA IDENTITY ASSURANCE PRACTICE

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

Oracle Buys Primavera Creates First, Comprehensive Enterprise Project Portfolio Management Solution for Project-intensive Industries

<Insert Picture Here>

INSIDE THIS ISSUE. Whitepaper

Defining a Technology Strategy to Support Product Development

Building a Foundation for Effective Service Delivery and Process Automation

Your Business. The Cloud. Business Cloud.

Recording TCO Cook Book 7 Ways to Reduce TCO and Improve Business Operations

Slide Heading. Information System. Heather C. Paquette KPMG September 23,2009

2018 FORRESTER. REPRODUCTION PROHIBITED.

Unlocking Innovation. Mark Frear Business Development Director, SAP NetWeaver SAP Australia and New Zealand

Welcome to 2013 Apriso Community Summit. Apriso Corporation 2013, All rights reserved. 1

2014 3DX NAM Forum. Discover the Perfect Product: Connecting the dots between Formulation, Testing, Regulatory and the Supply Chain.

From a license in house architecture to the implementation of SaaS for B2B collaborative EDI

Click to edit Master title style. SharePoint: information security s weakest link?

SAP Product Road Map SAP Identity Management

Production management your way

ENOVIA CPG Accelerator for Integrated Product

API Gateway based approach to Integrations

Fulfilling CDM Phase II with Identity Governance and Provisioning

An Introduction to Oracle Identity Management. An Oracle White Paper June 2008

Building & Scaling a Profitable SaaS Business In the Cloud

Run Better: SAP Public Safety and Security. Anthony McKinney Senior Director, Global Public Services

SAP CRM 7.0. Overview. SAP CRM 7.0 Marketing

IBM BPM on zenterprise

LIST OF SAP SOLUTIONS

What s New Primavera P6 EPPM R8.3. Product Strategy February 2013

Oracle Fusion Applications Overview

Open Text Investor Briefing

SAP Master Data Governance Overview. May 2014 including SAP Master Data Governance 7.0 SP02 (Feature Pack)

CHAPTER 3 ENTERPRISE SYSTEMS ARCHITECTURE

ERP for Pharmaceutical Industry (Microsoft Dynamics AX) Global trends and business challenges A new generation of enterprise resource planning (ERP)

Overview and Frequently Asked Questions

Transforming Healthcare The Future is Now!

Pega Upstream Oil & Gas Capabilities Overview

FocusFrame Inc. A Hexaware Company. February 21, 2008 Analyst Meeting, Mumbai

Mission. US, LatAm, EMEA, Asia 24 / 7

Unlocking Enterprise Architecture Information for Maximum Business Value

ORACLE GLOBAL TRADE MANAGEMENT

Connecting the Digital-Thread:

ISACA Charlotte Chapter

Data Breaches and Security Rights in SharePoint Webinar

Enhancing Service Quality with Next Generation Business Automation in Government Muti Ur Rahman, ECM Sales Lead IBM India/SA

Infor CloudSuite Business

Making intelligent decisions about identities and their access

MICROSOFT DYNAMICS NAV FOR INTERNATIONAL

Identity & Access Management Unlocking the Business Value

SAP Innovation Forum Portugal GDPR Compliance Program Focus Use Cases

Optiv's Third- Party Risk Management Solution

Enterprise Information Systems

12/02/2018. Enterprise Information Systems. Learning Objectives. System Category Enterprise Systems. ACS-1803 Introduction to Information Systems

Delivering Business-Critical Solutions with SharePoint 2010

Cloud Computing and Export Controls

On-Boarding Lifecycle & Resources

Making the Connection: The How-To s of Connecting Suppliers, Partners, and Manufacturers

Manufacturing. Vice President

Thinking ERP? Important factors to keep in mind while considering an investment in enterprise business software.

Enterprise Information Governance, Archiving & Records management

SAP Cloud Strategy. Anoop Srivastava Director (Energy & Natural Resources) MENA ENR Forum, Al Khobar

SAP Strategy. RYU, SEYUL / SAP Korea

Investigate SAP s Latest Engineering Record and realize the transparency of the impacts along the end-to-end supply chain

Disrupt or be disrupted

Flying with IT through Market Turbulence

Enterprise Information Systems

Speed Up your Business-Focused Cloud Journey with NGA Cloud Accelerators. Copyright NGA Human Resources. All rights reserved.

Build a Future-Ready Enterprise With NTT DATA Modernization Services

Copyright 2012 EMC Corporation. All rights reserved.

SERVICES AND CAPABILITIES. Technology and Management Consulting

Introduction to Unified Communications: Defining the Parameters

At the Heart of Connected Manufacturing

An Epicor White Paper. Choosing the Right ERP Solutions to Support a Global Business

Integrated Enterprise Solutions. Pawan Sharma KPIT Cummins Infosystems Limited

Customer COE Hybrid Solutions Cloud (SaaS) / OnPremise Challenges Michael Zöller, SAP SE, Mission Control Center (MCC) EMEA Cloud Deployment Support

Leadership Insights: Productivitiy and Innovation. Karsten Roigk, Vice President Applications Strategy & Sales Support Budapest, November 2011

NetSuite Software Case Studies. Copyright 2017, Oracle and/or its affiliates. All rights reserved.

WebSphere Cast Iron Integration Overview IBM Corporation

Our Lines of Business

Reducing Complexity in Connected and Autonomous Vehicles

Building an e-business Ecosystem. TIBCO Software Korea

Integrating Payments Can Increase Savings, Security & Customer Satisfaction

EXECUTIVE ERP. EVALUATION AND INVESTMENT ROADMAP Developed for the Modern Business

Tony Wessels Vice President, Marketing Coupa

SOLUTION BRIEF HELPING PREPARE FOR RISK ASSESSMENT & COMPLIANCE CHALLENGES FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Click to edit Master text styles

Transcription:

Protecting IP and Ensuring Compliance in Global Product Collaboration \ E.K. Koh VP Solution Management NextLabs, Inc

Agenda Trends driving Global Collaboration Challenges in Global Product Collaboration Information Risk Management Solution Existing Approach Recommended Approach Case Study Question and Answers Slide 2

Key Business Trends Industry Consolidation Globalization Anywhere.. Any device Continued M&A activity anticipated 76% of executives anticipate at least one acquisition in 2013* Joint Ventures and partnerships on the raise Competitive threats keep companies on edge for IP Protection Firms expanding footprint to international markets to drive revenue growth and reduce cost of operations Trade and information exchange is crossing company and country borders Firms looking for next frontier of operational efficiency gains Desire to minimize IT maintenance and support costs Firms look for enabling employees with required access to data from anywhere and through any device * KPMG Survey on M&A Activity 2013 Slide 3

Global Collaboration Supplier/Partner Customers Supplier Collaboration My Company Customer Collaboration Offshore Subsidiary Offshore Manufacturing Research Collaboration Joint Venture Slide 4

New Product Innovation and Introduction Market Research Delivery and Support Prelim Concept Production Line and Quality Testing Full Concept Testing and Approval Slide 5

Global Product Design and Innovation Supplier/Partner Customers Market Research Supplier Collaboration Delivery and Support Prelim Concept Customer Collaboration Offshore Subsidiary Offshore Manufacturing Production Line and Quality Testing Testing and Approval Full Concept Research Collaboration Joint Venture Slide 6

Challenges in Global Product Innovation Supply Chain Security Exposure of company, partner and customer IP such as recipe information Control access to material Safety Data Sheets for REACH/ROHS reporting Compliance violations in the supply chain Supplier/Partner Customers Export Compliance Comply with CWC and export regulations for controlled chemicals Market Research Supplier Collaboration Delivery and Support Prelim Concept Customer Collaboration Offshore Subsidiary Offshore Manufacturing Production Line and Quality Testing Testing and Approval Full Concept Research Collaboration Joint Venture Data Security Privileged user control Data loss, contamination Intellectual Property Control Breach of NDA, PIA, and Contracts Loss of valuable IP recipes, ingredients Slide 7

Export Compliance for Controlled Chemicals SAP US Person Technical Data Export : - Email to foreign supplier - Travel overseas with laptop - Access from non-us location - Storage in a non-us datacenter Technical Data Foreign Person Deemed Export: - Access to technical data on controlled chemicals by Foreign Person in the US - Email ingredient list of controlled chemicals to a non-us coworker - Data copied to storage where non-us persons have access Contamination and Dual Use: - Re-use of commercial chemicals in defense applications - Inadvertent inclusion of controlled chemicals in commercial products Slide 8

Intellectual Property Protection in Global Collaboration Engineering Contract Manufacturing Protect recipes, ingredients, production processes, material safety datasheets across multilevel collaborations Suppliers JV Partners Protect recipes and ingredient list from foreign subsidiaries Overseas Subsidiary Control access to recipes and ingredients to comply with information sharing agreements Slide 9

Security & Compliance Challenges in the Product Innovation Lifecycle imagine design plan make service Critical Data Market Research Product Requirement Marketing Plan Drawings Prototypes Design Change Orders ebom Vendor Analysis Demand Forecasts Production plans Material Master mbom Change Orders Routings Instructions Quality Data Processes Knowledge Base Service Instructions Support Solutions Management Systems Doc Mgmt File Servers Email Endpoints PLM Doc Mgmt File Servers SCM ERP Portals ERP PLM Portals CRM SM Security & Compliance Challenges How do I protect market research and product concepts? How do I protect my Product Designs? How do I ensure supply chain security? How do I ensure export compliance? How do I protect sensitive service manuals? Slide 10

Information Risk is Never Far Away The US Department of State levied more than $100M in fines for ITAR violation just in the last 2 years. (source: US Dept of State) In a 2010 study by Ponemon Institute, the average cost of a data breach is $7.2 million per incident. (source: Ponemon Institute) Slide 11

Intellectual Property Risks and Impacts Source: Forrester Research Slide 12

Alternatives - RBAC is not Sustainable Common mistake is to use Roles to manage Data Entitlements We have more roles than employees Global companies have multiple access variables, each with multiple values Multiple Export Jurisdictions (e.g. ITAR, EAR, DOE) Multiple Projects and Product groups(e.g. Program X, Project Athena) Multiple Locations(e.g. US, UK, etc) Traditional role based access control (RBAC) explodes with rule complexity Required Access Rules Number of Access Variables Slide 13

Alternatives ABAP Customization is Costly Think TCO: 67% of your software cost is maintenance! Ask the tough questions! Criteria Core function Functional Fit Roadmap Alignment TCO Scalability Timing Questions Is Authorization Mgmt a core function of your business? Is your application extensible to provide the functionality you need? Can you keep up with future requirements? What is the total cost of development and ongoing maintenance? Will your customization scale with more users and more requirements? Can you keep up with the agility of your business? Slide 14

Alternatives ABAP Customization is Costly Manual Extensions to ERP to enable authorization checks: ABAP Customization Info Risk Management Foundation Slide 15

Information Risk Management https://rapid.sap.com/se/ Slide 16

Information Risk Management Information Risk Management automates information controls across key business processes to protect critical data and enable global business operations Information Centric focused on protecting information rather than infrastructure Across Business Processes designed to integrate across key systems Global Business Enabler empowers the business to collaborate and share data globally Slide 17

Solution Architecture Product Information Domains R&D Manufacture & Manage Collaborate Entitlement Mgr Product Lifecycle Mgt Custom R&D Apps Entitlement Mgr SAP Entitlement Mgr Fileservers SharePoint Communications (Email, IM, FTP, LiveMeeting, etc) Info Risk Mgmt Existing Information Risk Management Foundation Information Control Policy Electronic Export Control Intellectual Property Control Etc. Resource Classification User Classification Compliance Audit SAP MM IDM SAP HCM Trade Mgmt Slide 18

Example Information Risk Management Suite ERP PLM Server Desktop Entitlement Management SCM CRM ECM Rights Management Client Data Protection Email Collaboration Custom Apps On Demand Communications Control Center Information Control Platform Information Control Policy Identity Controls Data XACML Slide 19

End-to-End Information Controls Secure Data @ the Source Secure data use Prevent data loss, Secure external collaboration Project Y Project Y Recipe Recipe Entitlement Management Rights Management Data Protection Allow Only US Engr from JV to access Chemical Y recipes Deny Copy/Paste of Chemical Y Recipes Deny Sharing Chemical Y data outside Chemical Y Team Control Center Information Control Platform Information Control Policy Identity Controls Data XACML Slide 20

Policy-based Authorization Management Allow only JV Engineers in US Locations to access Chemical Y recipe User Attributes Location Data Classification Slide 21

Data-Level Access Control ACCESS DENIED: Only members of JV US Engr can access Chemical Y recipes ACCESS DENIED: Access to ITAR data requires export authorization. Slide 22

Intellectual Property Protection Solution Approach Manage IP Authorizations Manage authorizations for internal IP Access Manage IP sharing agreements such as PIEA, NDAs, Security Classification Identity and Automatically classify sensitive data based on business associations to materials, processes, customers etc Classify users by project, roles, company etc Control Access to IP Data Prevent unintended disclosures of recipes, ingredients, process specs, etc Control where IP etc can be stored Apply remediation workflow Audit Track all data access approvals and violations Centralized visibility into data activity Slide 23

IP Protection Global leader in Energy. 100,000 employees, 140 countries Objective: Provide global SAP PLM platform for secure collaboration and export compliance Challenge: Protect intellectual property as engineers collaborate world wide on product design. Comply with export and DOE regulations Challenge Challenge Provide global instance of SAP to enable global product design collaborations with offices, subsidiaries and partners worldwide Protect corporate IP and competitive information during the design phase of the product lifecycle. Ensure only authorized personnel have access to sensitive product data Enhance compliance with US ITAR, EAR and DOE and other foreign regulations by actively controlling access to technical data Manage global IT to ensure adequate privilege while limiting data access to comply with IP and regulatory mandates Solution Centrally define and manage access policies for IP and electronic export compliance Automatically classify data by project and sensitivity as documents or materials are created, updated or uploaded. Control access to parts, eboms, based on user citizenship, object export security classification, export license number, role and project membership to ensure access is based on need to know Audit and track all access approvals and denials to demonstrate regulatory compliance and compliance with IP protection mandates Centrally track access for compliance reporting Slide 24

Sample Customers A&D Chemicals High Tech IMC Benefits Enable Secure Product Collaboration with external parties Improve Governance and Compliance programs Enhance Data and IP Security Accelerate value and adoption of Global Consolidation Oil & Gas Slide 25

Thank You! For More Information, contact: SAP Ray Adams (ray.adams@sap.com) NextLabs Rob Robbins (rob.robbins@nextlabs.com) E.K. Koh (ek.koh@nextlabs.com) Slide 26

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback