In this session, you will hear security experts from SECDUE talk about reducing a negative impact on user experience from traditional security solutions. You will also learn about emerging technologies that enable you to protect financial, PII, and other sensitive information inside and outside of SAP, while eliminating a negative productivity impact. Learn how you can gain a 360° control by extending roles and authorization configured in SAP to any documents leaving SAP applications, allowing them to be safely accessed, shared, and stored inside the company and beyond, including mobile and cloud platforms. Find out how you can to track and analyze all download activity from SAP systems, identify sensitive data with intelligent classification, and create intuitive DLP policies to prevent data loss, all with minimal work disruptions.

1. STRICTLY CONFIDENTIAL | © 2015 SECUDE AGSTRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Eliminating Negative Impact on User
Experience from Security Solutions
Webinar

2. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
About SECUDE
• Established in 1996, Spin-Off from Fraunhofer & SAP
• Developer of a Secure Login (SAP Single Sign-On)
technology, sold to SAP in 2011
• SAP partner and Value Added Reseller (VAR)
• Trusted by a large number of Fortune 500 and DAX
companies
• 4 global locations: Switzerland, Germany, USA, India
• New focus extends to data-centric security and
classification with Halocore solutions
SECUDE is an innovative global provider of IT data protection solutions for SAP
customers. Our user-friendly solutions protect the integrity of data, prevent
intellectual property theft and data breaches, while enforcing regulatory compliance.

3. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
User eXperience (UX) is the process of enhancing
customer and loyalty by improving the usability, ease
to use and interaction between the user and product.
User eXperience (UX) is the understanding of what
people do and how we can
“Make It Better”.
OR
What is User Experience?

4. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG

5. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
The Design of Everyday Things

6. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
The Design of Everyday Things

7. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Little Things That Make a Difference…
In the vast majority of cases, splash screens do little more than
needlessly annoy users. Rather than make us sit and stare at a
logo for five seconds every time we open an app, why not -- I don't
know -- just let us into the app?

8. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Little Things That Make a Difference…
There's rarely a reason for a "Loading" dialog to hijack our screen
and force us to stare at a spinning wheel. How about a Gmail-style
progress bar that doesn't take over the entire experience instead?

9. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Results of Little Things Big Difference - Uber

10. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
UX Research is About Changing Assumptions

11. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Shopping Experiences Are Measured By UX

12. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG

13. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Wearables Are Changing UX

14. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
How the Customer
explained it
How the Project
Leader understood it
How the Analyst
designed it
How the Programmer
wrote it
How the Business
Consultant described it
How the project was
documented
What Operations
installed
What the customer
was billed
How it was supported What the Customer
really needed

15. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
UX Fails - Bad Design

16. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
UX Fails - Confusing Users

17. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
UX Fails - Registration

18. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
UX Fails – Bad Website Design

19. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
3 of 12
Reasons why software fails are directly
related to problems with UX
- IEEE Report “Why Software Fails?”

20. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Does This Sounds Familiar?
This software is very
complex!
I liked the old app
better
Why do I have to click
so many times to do
something?
Why can’t I copy/paste all
the data from my Excel
sheet?
Why can I not
download this
file?
Why do I get an
error message?
Why is this taking
so long?

21. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
• Are usability and security competing goals?
• Humans are the weakest link in the security chain
• Security systems are social as well as technical
• Security mechanisms require extra work. Humans find
shortcuts and workarounds
• Users will find ways to evade security demands that are
considered unreasonable or burdensome
Humans & Security

22. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Security vs User Experience
For user experience designers the question is
How do you design the security experience to fit the needs of the digital
identity. Behind the identity there is a person with the same basic needs as
stated in Maslow’s hierarchy of needs – security among the most critical.
For security professionals the question is
How do you enable your customers business in an environment, where the
speed and comfort override the traditional understanding of security –
environment, where user experience overrides security?

23. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Layered Approach to Security
Network
– Data Loss Prevention (DLP)
– Firewalls
– Virtual Private Network (VPN)
Storage
– Full Disk Encryption (FDE)
– Database Encryption
File
– Pretty Good Privacy (PGP)
– Information Rights Management (IRM)
File
Network
Storage

24. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Network Layer
• Common problems with VPNs
– Connection attempt is rejected
when it should be accepted
– Connection attempt is accepted
when it should be rejected
– Unable to reach locations beyond
the VPN server
– Disconnected from a VPN
session
More than three-quarters
(77%) of Americans are less
than satisfied with their
current capabilities offered by
their IT organization.
Source: Petino Study
58%
43%
31%
Issues with VPNs
Performance
Connection reliability
Ease of use

25. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Network Layer
• Common issues with DLP
– DLP is far away from where data
is created (applications)
– DLP lacks contextual awareness
– DLP can't make sense of content
sent as CAD diagrams, graphics,
pictures or non-text-based media
– DLP doesn’t understand the user
and her intentions
– Negative impact on user
experience
So secure
that it is
unusable?

26. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Storage Layer
Mobile technology impact on productivity:
Thinking about the next 24 months, how critical a role will the following
mobile technologies play in business productivity at your company?
Source: Information Week Mobile Device
Management and Security Survey
22%
21%
53%
36%
89%
38%
24%
34%
79%
82%
0% 20% 40% 60% 80% 100%
Netbooks
Kiosk-based web access
Laptops
Tablets
Smartphones
2011
2010

27. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Storage Layer
58%
16%
26%
73%
12%
15%
0%
10%
20%
30%
40%
50%
60%
70%
80%
Yes, and the IT department is
reponsible for procuring
devices and carriers
Yes, but users purchase the
devices themselves and select
their own carriers
No, employees use their own
devices
2010
2011
Standardizing on a mobile device platform:
Has your organization standardized on a mobile device platform?
Source: Information Week Mobile Device
Management and Security Survey

28. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Storage Layer
Level of data sensitivity allowed for storage on mobile devices:
What is the maximum data sensitivity level that is permitted to be stored on any type of mobile device?
Source: Information Week Mobile Device
Management and Security Survey
15%
24%
34%
4%
23%
Highly sensitive data
including financial and
compliance-related data
Sensitive data
Internal data that is not
deemed sensitive
Public data only
No restrictions

29. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Storage Layer
Mobile devices and data policies:
Does your organization currently have written policies or procedures
pertaining specifically to mobile devices or the handling of mobile data?
Source: Information Week Mobile Device
Management and Security Survey
49%
18%
6%
21%
6%
52%
19%
4%
22%
3%
0% 10% 20% 30% 40% 50% 60%
Yes, written policies and procedures
Yes, written policies only
Yes, written procedures only
No, but policies are being
considered
No
2011
2010

30. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Data Layer
• File-encryption (PGP…)
– Key/password management
issues
– Protection is gone once file is
unlocked/decrypted
• Rights Management (DRM,
IRM  RMS)
– Capabilities of IRM
• Protection = encryption +
policy
• Control who can open, edit,
print, copy/paste…
• Expiration date
– Established IRM solutions
• Adobe
• Microsoft

31. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
1. Create different user types. "Those that do not need access to the
sensitive information can't retrieve it”
2. Channel application flows. "Make it easy to get access to sensitive
information only if needed. And make sensitive information harder to
access otherwise."
3. Help users understand the potential consequences of their
actions. "Give them steps they must acknowledge to access sensitive
information or execute risky operations. Along with building in
automatic flows that may be invisible to users, develop agile
processes that enhance the sense of ownership.”
3 Ways to Accomplish Security
While Heightening User Experience

32. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
How Many Clicks Do You Need?
SAP Security
• Roles and Authorizations
• Segregation of Duties (SoD)
• Infotypes
• Single Sign-On (SSO)
• Password Hashes
• Secure Network Communications (SNC)
• …
Enterprise Security
• Firewalls
• VPNs
• Classification
• Data Loss Prevention (DLP)
• Cloud security and MDM
• Risk and vulnerability management
• …

33. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
SAP Data is the Heart of the Enterprise

34. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Every Day Data is Extracted from SAP

35. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Today: Traditional Security Solutions
Are Not Connected to SAP

36. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Cohesive UX with Securing Data

37. STRICTLY CONFIDENTIAL | © 2015 SECUDE AGSTRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Extend Existing Classification Frameworks
to Data Leaving SAP

38. STRICTLY CONFIDENTIAL | © 2015 SECUDE AGSTRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Block Sensitive Data Downloads
Directly from SAP

39. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Extend Roles and Authorizations
Configured in SAP for Continuous Protection

40. STRICTLY CONFIDENTIAL | © 2015 SECUDE AGSTRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Audit All Activity

41. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Demo

42. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Demo

43. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Aparna Jue
Technical Product Manager
Office: +1 (404) 977-0940
Aparna.Jue@usa.secude.com | www.secude.com

44. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG

45. STRICTLY CONFIDENTIAL | © 2015 SECUDE AG
Copyright
SECUDE AG © 2015 All rights reserved.
All product and service names mentioned are the
trademarks of their respective companies. No part of this
publication may be reproduced or transmitted in any form or
for any purpose without the express written permission of
SECUDE AG. The information contained herein may be
changed without prior notice.
Microsoft, Windows, and Active Directory are the brand
names or registered trademarks of Microsoft Corporation in
the United States.