Data Protection and Privacy for Fraud Watch

Security Guide Fraud Watch Document Version: 1.0 2017-06-05

Document History

Version: 1.0
Date: 2017-06-05
Change: First release of the Security Guide for Data Protection and Privacy.

2017 SAP AG or an SAP affiliate company. All rights reserved.

Table of Contents
1 Introduction
2 Before You Start
3 Data Protection and Privacy
3.1 Deletion of Personal Data
3.2 Reports

1 Introduction

Data protection is associated with numerous legal requirements and privacy concerns. This section describes the specific features and functions that SAP provides to support compliance with the relevant legal requirements and data privacy in Fraud Watch.

Caution
This guide does not replace the administration or operation guides that are available for productive operations.

Target Audience
- Technology consultants
- Security consultants
- System administrators

This document is not included as part of the Installation Guides, Configuration Guides, Technical Operation Manuals, or Upgrade Guides. Such guides are only relevant for a certain phase of the software life cycle, whereas the Security Guides provide information that is relevant for all life cycle phases.

Why Is Security Necessary?
With the increasing use of distributed systems and the Internet for managing business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation of your system should not result in loss of information or processing time. These demands on security apply likewise to Fraud Watch. To assist you in securing Fraud Watch, we provide this Security Guide.

About this Document
The Security Guide provides an overview of the relevant data protection and privacy information that applies to Fraud Watch 3.5.

2 Before You Start

Important SAP Note
The SAP Note that applies to Fraud Watch is shown in the table below.

Title: Data Protection and Privacy for Fraud Watch
SAP Note: 2461960
Comment: Compliance with:
- SEC-256 Deletion: SAP software shall support erasure of personal data.
- SEC-254 Read Access Logging: SAP software shall be able to log read access to sensitive personal data.
- SEC-255: SAP software shall provide a report or display function which can be used to inform the data subjects about the personal data stored about them.
- SEC-265: SAP software shall be able to log changes to personal data.

3 Data Protection and Privacy

This section and any other sections in this Security Guide do not give any advice on whether these features and functions are the best method to support company, industry, regional or country-specific requirements. Furthermore, this guide does not give any advice or recommendations with regard to additional features that would be required in a particular environment; decisions related to data protection must be made on a case-by-case basis and under consideration of the given system landscape and the applicable legal requirements.

Note
In the majority of cases, compliance with data privacy laws is not a product feature. SAP software supports data privacy by providing security features and specific data-protection-relevant functions such as functions for the simplified blocking and deletion of personal data. SAP does not provide legal advice in any form. The definitions and other terms used in this guide are not taken from any given legal source.

Glossary
Term: Definition
Personal data: Particulars about personal or material circumstances of an identified or identifiable natural person (data subject).
Business purpose: A legal, contractual, or in other form justified reason for the processing of personal data. The assumption is that any purpose has an end that is usually already defined when the purpose starts.
Blocking: A method of restricting access to data for which the primary business purpose has ended.
Deletion: Deletion of personal data so that the data is no longer usable.

3.1 Deletion of Personal Data

Use
The purge private data process deletes, from the database, all the data related to personal information by a cutoff date. The personal information is deleted from the following tables in the client database:

Tables in the client database
tbl_tempordercustomer
tbl_tempordertenderinfo
tbl_summultcredcard
tbl_summultcredcardmonth
tbl_summultcredcardweek
tbl_summultcustcardmonth
tbl_summultcustcardweek
tcredcardsumexc???
tcustsumexc???
tordercustomer??
tordertenderinfo??
tbl_cardnum
tbl_customerinfo

Note
1. All temporary tables are purged regardless of the date on which the record was inserted. Do not run this function during data load.
2. For any given period, the purge private data function should be used after the regular purge.
3. The weekly and monthly summaries will be purged up to the previous week or month of the cut-off date.

3.2 Reports

View Private Data Access
The View Private Data Access report lists all accesses to the private data in a specific period. The following actions are monitored:

Action Description: Page URL
Users/Roles Administration: admin/display_user.asp
Change Email: change_email.asp
Change Password: change_password.asp
Password Functionality: admin/list_ds02.asp
Delete Alerts from Other Users: deleteothersalerts
Maintain Distribution List: MaintainDistributionList
Unmask Card Number: UnmaskCardNumber
Complex Query: adhocquery.asp
Run Custom Query on Production Database: AdHocQueryProduction
User-Defined Data Sets: maintainaqdataset.asp
Run Custom Query on Test Database: AdHocQueryTest
Query Builder: maintainaqquery.asp
Native SQL: maintainaquserrule.asp
Personal Information Alert: suspicious_info.asp
Report Wizard Control Panel: FWFraudWizard.asp
Run Scheme: FWRunScheme1.asp
Credit Card Alert: suspicious_cc.asp
Transaction Detail: rptorderdetail.asp
Customer Ranking Report: rptcustrankingreport.asp
Credit Card Ranking Report: rptcreditcardrankingreport.asp
Lookup Report Customer: rptlookup.asp?lookup=customer
Fuzzy Search: FuzzySearch.asp
Credit Card Number Usage: checkcredcardnumusage.asp
Customer ID Usage: checkcustomeridusage.asp
Personal Information Usage: checkpersoninfousage.asp
Purge Private Data: purgeprivatedata.asp
List Privacy Access: checkprivate-access.asp

Credit Card Number Usage
The Credit Card Number Usage report lists, in various tables, all usage of a given credit card number. The results contain a list of the number of counts and the table names.

Customer ID Usage
The Customer ID Usage report lists, in various tables, all usage of a given customer ID. The results contain a list of the number of counts and the table names.

Personal Information Usage
The Personal Information Usage report lists, in various tables, all personal information usage based on the name, address, and phone number. The results contain a list of the number of counts and the table names.

Note
Due to how the Point-of-Sale system captures the information, there is no way to tell if the data in the database is actually about that individual.
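An independent cross-check for the View Private Data Access report, as an added example that is not part of the SAP guide: it pulls requests for the monitored .asp pages out of web server logs for a given period so the result can be compared with what the report shows. It assumes the web server writes W3C extended logs with a #Fields header; the /fw/ path prefix, the user names and the log lines are constructed.

```python
from datetime import datetime

# .asp pages from the guide's View Private Data Access table (lower-cased).
# Entries listed without a file name (e.g. UnmaskCardNumber) are left out
# because they cannot be matched against a request path.
MONITORED = {
    "admin/display_user.asp", "change_email.asp", "change_password.asp",
    "admin/list_ds02.asp", "adhocquery.asp", "maintainaqdataset.asp",
    "maintainaqquery.asp", "maintainaquserrule.asp", "suspicious_info.asp",
    "fwfraudwizard.asp", "fwrunscheme1.asp", "suspicious_cc.asp",
    "rptorderdetail.asp", "rptcustrankingreport.asp",
    "rptcreditcardrankingreport.asp", "fuzzysearch.asp",
    "checkcredcardnumusage.asp", "checkcustomeridusage.asp",
    "checkpersoninfousage.asp", "purgeprivatedata.asp",
    "checkprivate-access.asp",
}

def is_monitored(stem, query):
    path = "/" + stem.lower().lstrip("/")
    # The table lists rptlookup.asp only with lookup=customer.
    if path.endswith("/rptlookup.asp"):
        return "lookup=customer" in query.lower().split("&")
    return any(path.endswith("/" + page) for page in MONITORED)

def private_accesses(log_lines, start, end):
    """Return (timestamp, user, page) for monitored requests in [start, end)."""
    fields, hits = [], []
    for line in log_lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names for later rows
        elif fields and line.strip() and not line.startswith("#"):
            rec = dict(zip(fields, line.split()))
            ts = datetime.strptime(rec["date"] + " " + rec["time"],
                                   "%Y-%m-%d %H:%M:%S")
            stem, query = rec["cs-uri-stem"], rec.get("cs-uri-query", "-")
            if start <= ts < end and is_monitored(stem, query):
                hits.append((ts, rec.get("cs-username", "-"), stem))
    return hits

# Constructed sample log (assumed field layout, not taken from the product).
SAMPLE_LOG = """#Fields: date time cs-method cs-uri-stem cs-uri-query cs-username sc-status
2017-06-05 09:00:01 GET /fw/default.asp - alice 200
2017-06-05 09:01:12 GET /fw/checkcredcardnumusage.asp - alice 200
2017-06-05 09:02:40 GET /fw/rptlookup.asp lookup=store bob 200
2017-06-05 09:03:05 GET /fw/rptlookup.asp lookup=customer bob 200
2017-06-06 10:15:00 POST /fw/purgeprivatedata.asp - carol 200
""".splitlines()
```

An entry that appears in the web server log but not in the report for the same period, or the reverse, is worth investigating.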
