There’s no ‘good’ time for a data breach, but accidentally leaking sensitive information during closed periods leads to heavier financial and reputational costs than at other parts of the year. As SAP holds public companies' most sensitive financial and HR data, executives must guarantee the security of thousands of SAP downloads or face non-compliance fines and legal repercussions.
You have a legal duty to enforce closed periods, but how can you prevent leaks from bad actors or negligent third-party partners? With HaloCORE’s Zero Trust protection for SAP data exports.
There’s no ‘good’ time for a data breach, but accidentally leaking sensitive information during closed periods leads to heavier financial and reputational costs than at other parts of the year. As SAP holds public companies' most sensitive financial and HR data, executives must guarantee the security of thousands of SAP downloads or face non-compliance fines and legal repercussions.
You have a legal duty to enforce closed periods, but how can you prevent leaks from bad actors or negligent third-party partners? With HaloCORE’s Zero Trust protection for SAP data exports.
In the closed period between your company closing its books and reporting this information to the public (i.e. filing your yearly Form 10-K with the SEC), ‘insiders’ have access to information that could distort the market or company share price, such as profit & loss data, expansion plans or the gain or loss of customer contracts. In the US, this is known as ‘material non-public information’ (MNPI).
From directors to accounting staff, insiders are prohibited from sharing MNPI during the 30-60 day closed period and during ‘quiet periods’ before sensitive announcements, such as new product launches. Leaks of MNPI not only lead to fines and jail terms for individuals involved, but financial, reputational and legal consequences for companies too. For example, in 2020, the SEC fined Ares Investment Management $1 million for failing to enact adequate policies to secure MNPI. In 2013, the SEC fined SAC Capital a record $1.8 billion for insider trading.
Just as secrecy during closed periods maintains market integrity, preventing leaks during closed periods maintains your company’s reputation. But preventing leaks during this time is particularly challenging for five key reasons.
From confidential reports and spreadsheets to customer brochures and headcount data, it’s illegal to disclose any pertinent financial information held in SAP that could affect the market or the company’s share price before it’s officially announced. But as soon as data leaves the SAP system, it becomes vulnerable to mishandling and misuse.
However, HaloCORE embeds Microsoft Purview Information Protection (MPIP) directly into SAP’s application layer, automatically protecting material non-public information coming out of the SAP system. As HaloCORE is embedded in SAP data from the point of origin, all SAP downloads are protected from insider threats, be it a disgruntled junior manager attempting to steal information or a third-party accountant accidentally sharing a spreadsheet to unauthorized persons.
As HaloCORE’s authorization labels automatically protect SAP data exports, your employees also don’t need to worry about how they act during closed periods, enabling you to continue business as usual.
Case study: multinational professional services company
A multinational professional services company was worried that departing employees could take sensitive material with them and disclose it during closed accounting periods. With over 700,000 employees exacerbating the risk of a damaging data leak, the company used HaloCORE’s automatic labeling checks to protect all data coming out of its secure systems.