Detecting SAP Cyber Attacks, Data Theft, Fraud and Access to Personal Data (GDPR)
ProfileTailor™ Dynamics can provide a crucial role in detecting serious security threats within your SAP landscape such as data theft, fraud and cyber attack.
The system learns the behaviour of each and every one of your SAP users; what transactions they use, how often they use them, what times of the day and which days of the week that they are typically active, which IP addresses they use - even which keystrokes they use within each transaction.
This information gets built into a behaviour profile; essentially a digital fingerprint of their normal behaviour patterns.
ProfileTailor can then alert you when a user is acting outside of their normal behaviour patterns - for instance, if they were to log into your systems at a strange time of the day, or from an unusual IP address. Such behaviour could indicate that an intruder has gained access to their credentials. Illegally obtaining and using valid credentials is the most common way that intruders access corporate systems.
Please see our dedicated GDPR page.
ProfileTailor can also compare each users activity with the profiles of other employees within their department and generate a risk assessment according to their specific behaviour.
For instance if someone within the Accounts Payable team processes a payment to a vendor then this would produce a low risk score as it is an activity that is quite normal for them to be doing. However, if someone from your development team executed the same transaction to process a vendor payment then this would produce a high risk score and generate an alert as it is not something you would expect them to be doing.
ProfileTailor will also help you to detect when your are under internal attack such as attempted data theft or fraud, or an external cyber attack.
It achieves this by continuously monitoring activity at a keystroke level and trigger alerts if it detects any high risk activity or undesirable behaviour. Common examples would be if a user updated their own payroll details, or perhaps attempted to access credit card tables or download customer data.
We have a special article on the subject which you can read here. Read Article