In mid-October, SAP and Cisco announced the availability of their Data Privacy composite application. This application uses real-time network monitoring of the enterprise business policies and controls to prevent incidents involving data in motion. That’s a buzzword-filled way of saying you can set policies and controls in your SAP application and have the Cisco network conduct message-level inspections to determine if any data policies are being violated. If violations (“incidents”) do occur, you can manage or remediate them immediately rather than after the fact when it’s too late.
There are lots of data loss prevention products that do this kind of thing. However, the value of having the Cisco network component embedded in the application is that it adds location awareness and unified communications to the solution. This is best illustrated with an example.
Let’s say your company uses SAP CRM to manage your customer relations. Joe in the Americas Sales organization uses this application to manage his accounts, opportunities, activities and so on. As long as he accesses the application from any location within the Americas, he can work with his accounts. When he goes to China for a sales team reward event, he’ll be blocked from accessing his customer records because the policy stipulates that this is a location where Joe would not normally do business. (He could request a temporary exception to the policy ahead of time for the specific dates of his travel.)
Sally in Channel Development also uses the SAP CRM application to cultivate new channel partners. Based on her global role, the policy gives her access to the application regardless of her location. However, if Sally attempts to e-mail customer data to a channel partner, the message can be terminated before the data leaves the company. The enterprise policy and mitigating control could be that no customer data is permitted to be sent outside the company via e-mail, and attempts to do so will be blocked. Since the company has informed employees of this policy, an attempt to violate it could be considered a serious breach. Using Cisco’s Unified Communications, a security officer could be called to alert him to this policy violation.
The Data Privacy composite application is designed to do three things:
Linda Musthaler is a principal analyst with Essential Solutions Corporation.