UPC Cablecom, a leading Swiss communications and entertainment provider relies on Trend Micro for the protection of its SAP Supplier Lifecycle Management application. The deciding factor for this choice was certification of Deep Security for version 2.0 of the virus scan interface in SAP NetWeaver, as well as the accurate malware protection offered by this solution.
UPC Cablecom services via fibre optic networks are available in about 70 percent of Switzerland. The company’s own network connects more than two million households, including all larger Swiss towns. The company also collaborates with partner networks and offers products for business customers. These include networking of different office locations, Internet, telephone, or TV connections, and other solutions.
UPC Cablecom relies on SAP solutions for the management of specific business processes. For a company like UPC Cablecom, the management of supplier relationships is also of primary importance. Management of the supplier portfolio encompasses the entire spectrum, from consultancy service providers to providers of cables and connectors, as well as industrial cleaning. “We need to make sure that all suppliers adhere to the standards set by our company,” stresses Urs Villa, Sourcing Manager with UPC Cablecom.
The SAP Supplier Lifecycle Management Application provides the necessary tools for this, and from May 2015, potential or existing suppliers can register for themselves via the Internet. They will receive a questionnaire covering key questions such as quality, environment, and safety standards, and the questionnaire can be used to check if suppliers support certain business processes or are in possession of the relevant certifications. Questions relating to accounting data are also covered.
“We have optimized processes in the supplier relationship by providing Internet access to the portal,” according to Villa. “At the same time the external connectivity of the SAP portal has led to increased security risks.” Suppliers need to upload evidence of their certification, insurance, and other documents. These documents contain sensitive data that must be scanned for computer viruses and protected from malware before they can be saved to the SAP database.
Moreover, it is business-critical that these documents are free from malware with the potential to spread and infect other internal systems, explains the strategic buyer. Content security was therefore paramount. SAP’s own recommendation is to implement the necessary security of their systems in the installation requirements. The manufacturer does not offer its own security solutions for these kinds of threats and counts on partners who should safeguard content security via the virus scan interface (version 2.0) in SAP NetWeaver.
Regarding requirements Villa also stated, “We were looking for a security solution that is certified for the new version of the interface because we assume that installation and integration into the system is easier that way.” The decision in favor of Deep Security could be made swiftly as the solution is certified for virus scan interface 2.0 and therefore ensures the functionality of the scan. This facilitates the exchange of documents in business applications and scanning of binary files as
attachments in SAP components such as Mail, Connect, or KPro.
“We made the right choice with Deep Security and benefit in many ways,” explains the sourcing manager. “Apart from UPC Cablecom fulfilling SAP recommendations by opting for the certified solution, we also assume close collaboration between Trend Micro and SAP which could be crucial in terms of support problems,” Villa elaborates. “Last but not least, we were right in our prediction regarding systems integration.” Installation of the Deep Security solution was relatively simple according to the IT departments. "We welcome the fact that there is only a small memory footprint on the machine as only an agent is running on it."
Deep Security provides comprehensive malware protection for the SAP NetWeaver platform. The solution scans and analyzes all content and documentation via the virus scan interface, including embedded graphics and active content that can then be isolated.
Once SLC is introduced, supplier self-registration becomes accessible and the buyer’s department has already begun to gain some experience with it. In a test environment, a virus-infected file was sent, detected. and eliminated by the process. The Trend Micro product has shown itself to be highly accurate and effective in practice.
sourcing manager, UPC Cablecom