Have you ever been exposed to a scam?
The increase in phone scams to which we are often exposed is a result of the theft of internal data from banks, customer service companies and many others.
To perform a phone scam, it is necessary to know the victim and their identity data such as name, phone, email, and others. Most of the time, this valuable information comes from an internal data source.
Is this because external data hacking breached access controls through the internet?
Yes, it could be… but usually, data theft is mainly driven by internal employees, which is called occupational fraud.
Sometimes companies with anti-fraud programs are also exposed to fraud. According to the ACFE* publications, the main driver of occupational fraud is the lack of internal controls.
Data theft in the SAP world is significant. Some examples of information that would be at risk are customer data and sales, price lists, suppliers, materials purchased and their values, and valuable financial data that can be maliciously used.
How to mitigate these risks?
By giving employees access to what is essential to perform their activities and reducing as much as possible the conflicts due to the segregation of duties in the assigned privileges.
How can this be achieved?
With CentinelBox, you will identify users with over-assigned transactions and SOD conflicts when using the system; and it will also provide you with tools to perform many types of automated remediation on roles and profiles.