June 30, 2008

Protecting enterprise applications

It seems that there is renewed interest in protecting enterprise applications (e.g. SAP).  Our own Sharon Besser blogged about it, McAfee's Rees Johnson blogged about this here and there has been some commentary from Eric Kang on how PCI DSS applies to SAP here.  SAP even has a list of complementary security providers (software, hardware and services) on this site (yes, Imperva is on this list as well).

Why is there so much focus on protecting applications that enterprises use to run their business?  Well, if you need to ask... But seriously, do think back for a bit and see what your own applications contain.  I suspect that most companies keep at least the following data:

  • Customer names, addresses, credit references, payment history, tax ID numbers, etc.
  • Employee names, social security numbers, addresses, bank account numbers (for automatic deposit of paychecks)
  • Supplier/partner information (similar to customer information above)
You can see why the "bad guys" are after enterprise applications now.  And, as Eric Kang noted above, most of the PCI consultants don't understand ERP applications.  The problem here is obvious, the solutions, not so.  I could talk about how our SAP-certified WAF is one answer to this and how our DAM solution is another but then I would be pitching products...

Tags:

By
Rohit Gupta
| June 30, 2008 12:45 PM | | Comments (0) | TrackBacks (0)
  • Digg it!
  • Add to Del.Icio.Us
  • Add to Technorati
  • Stumble It!
  • NewsVine
  • Slashdot
  • Google Bookmarks
  • YahooMyWeb
  • Live
  • Add this post to Reddit

0 TrackBacks

Listed below are links to blogs that reference this entry: Protecting enterprise applications.

TrackBack URL for this entry: http://blog.imperva.com/mt/mt-tb.cgi/46

Leave a comment