SF-SafeDump: data privacy and security for diagnostics (dumps, logs and traces) on all platforms

DOWNLOAD: 12-page information brochure "Security risk from the privacy-violating leakage of sensitive data and trade secrets in IT operations" as PDF
→ for Switzerland and → for Germany, Austria and the EU

SF-SafeDump and Data Privacy for IT Diagnostics on z/OS (PDF) →

Order a LIVE ONLINE PRESENTATION: talk with a live demonstration of SF-SafeDump, online at a date of your choice → for Switzerland and → for Germany, Austria and the EU

With the patented SF-SafeDump technology you achieve data privacy for IT diagnostics on all platforms and fully enforce your privacy and data leakage prevention policies in the field of dump, log and trace files – be smart, and avoid the risk of European GDPR or Swiss DPA penalties, and comply with DORA and NIS-2.

Prevent confidential data leakage via dump, log and trace file anonymization

Eliminate all confidential data from your dump, log and trace files

Ensure that all diagnostic files remain technically fully usable

Rely on a comprehensive, efficient and transparent anonymization procedure

Did you know that your company's IT staff sends dump, log and trace files with highly confidential information to external third parties every day and thus violates elementary security policies without even knowing it?

What, in fact, is a dump file?

When more complex technical problems need to be solved, as in the case of an abnormally terminating (“abending”) program, application or system, software vendors will ask for a so-called “dump”, which captures every detail surrounding the error or problem. Such a dump file is a snapshot of the current status at the time of error, including all the required debug data, e.g. memory content, processor registers, any currently executed SQL statement, etc. While system programmers deal with system, memory, core or kernel dumps, application developers prefer to work with “user mode process dumps” or SQL dumps. Additional types result from other sources. Dump files easily become huge and may include a gigabyte or more of data. When browsing through a dump file you may easily feel overwhelmed by an almost infinite amount of purely technical information.

What is the security-related problem regarding dump files?

For non-specialists these files look boring, or even worse, harmless, since most of the information seems to be binary or even cryptic, i.e. in a format unreadable to humans. No one will assume that these “ugly” dump files might include highly sensitive company secrets, such as confidential client information or the security-related details of your systems.

How do secrets get into dump files?

Dump files will include confidential and revealing information when the application and system memories are captured – for debugging purposes only, of course. Such a memory dump may include client names, account or credit card numbers, and many other kinds of critical data stored for processing the moment it was made.
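The effect described above, as an added example (not SF-SafeDump's own procedure and not code from this page): a scan of a raw memory image for Luhn-valid card numbers, which are overwritten in place with filler of the same length so that offsets in the dump stay valid. The sample bytes and all function names are constructed for illustration.

```python
import re

# Candidate card numbers: 13-19 ASCII digits not embedded in a longer digit run.
# Assumption: ASCII text in memory. EBCDIC digits (0xF0-0xF9) or packed-decimal
# fields, as found in z/OS dumps, need their own matchers.
PAN_RE = re.compile(rb"(?<!\d)\d{13,19}(?!\d)")


def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum: filters out digit runs that cannot be card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - 0x30
        if i % 2 == 1:  # double every second digit, counted from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pans(dump: bytes):
    """Overwrite each Luhn-valid digit run with same-length filler.

    Returns (masked_dump, [(offset, length), ...]). The length never changes,
    so pointers, record sizes and offsets elsewhere in the dump stay valid.
    """
    out = bytearray(dump)
    hits = []
    for m in PAN_RE.finditer(dump):
        if luhn_ok(m.group()):
            out[m.start():m.end()] = b"X" * len(m.group())
            hits.append((m.start(), len(m.group())))
    return bytes(out), hits


# Constructed sample: a fake heap fragment, not taken from any real system.
SAMPLE_DUMP = (
    b"\x7fHEAP\x00\x00\x10\x00"
    b"name=Erika Mustermann\x00"
    b"pan=4111111111111111\x00"      # well-known test number, Luhn-valid
    b"order=1234567890123456\x00"    # same length, fails Luhn, left untouched
    b"\xde\xad\xbe\xef"
)

if __name__ == "__main__":
    masked, hits = mask_pans(SAMPLE_DUMP)
    print(hits)
    print(masked)
```

The client name in the sample survives this pass: free-text values such as names have no checksum to match on and need a different detection approach.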

How do secrets get into log files?

Compared to dump files, most log files are continuously created. The best-known and most common one is the system log, also called “syslog.” It starts at system boot time and continuously receives a broad spectrum of messages. Therefore, it’s not only technical, but also includes sensitive details, such as names, IP addresses, and much more.

Aside from the system log, applications create separate log files of individual formats. Since they directly relate to your business, most application logs are even more sensitive than the syslog.
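For the IP addresses mentioned above, an added example (not SF-SafeDump's own procedure and not code from this page): each IPv4 address in a log line is replaced by a keyed, stable stand-in, so the same host still correlates across lines while the real address is gone. The log lines, the key and the function names are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import re

# Dotted quads that are not part of a longer dotted or numeric token.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed demo key. A real key stays on the local system: without it the
# mapping cannot be rebuilt by hashing the whole IPv4 address space.
KEY = b"constructed-demo-key"


def pseudonymize_ip(addr: str, key: bytes) -> str:
    """Map an address to a stable stand-in inside 10.0.0.0/8 via HMAC-SHA256."""
    digest = hmac.new(key, addr.encode(), hashlib.sha256).digest()
    return str(ipaddress.IPv4Address(0x0A000000 | int.from_bytes(digest[:3], "big")))


def scrub_line(line: str, key: bytes) -> str:
    """Replace every valid IPv4 address in one log line."""
    def repl(m):
        try:
            ipaddress.IPv4Address(m.group())   # rejects octets above 255
        except ValueError:
            return m.group()                   # e.g. a version string: keep it
        return pseudonymize_ip(m.group(), key)
    return IPV4_RE.sub(repl, line)


# Constructed sample lines (documentation address ranges, invented hosts).
SAMPLE_LOG = [
    "Jan 12 08:15:01 gw1 sshd[2211]: Accepted publickey for mmeier from 192.0.2.10 port 50122",
    "Jan 12 08:15:09 gw1 app[310]: order lookup by 192.0.2.10 -> db 198.51.100.7",
    "Jan 12 08:16:44 gw1 app[310]: client library 3.14.999.2 loaded",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(scrub_line(entry, KEY))
```

A four-part version string whose parts are all 255 or lower would also be rewritten, and the user name in the first line is untouched; both need format-aware rules for the specific log.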

What, in fact, is a trace file?

So-called traces are started explicitly in order to keep track of specific processing in detail. The best-known trace is the “TCP trace” or “IP trace.” In case of network or communication problems, the network administrator may start such a TCP trace to capture the network traffic completely or partially.

It’s obvious that TCP traces include highly sensitive data, starting with IP-related details, such as IP addresses, keys, etc., and ending with the actual data packets transferred via the network. Since the entire trace data is binary-coded, trace files are pretty much of the same complexity as dump files. You cannot simply open them with a regular editor. Wireshark is the best-known tool for analyzing TCP traces.

Aside from TCP or IP traces, some operating systems support the creation of so-called system traces. If enabled, a system trace captures all or specific system function and service calls. Therefore, it’s a completely different type of diagnostic data, and system trace files significantly differ from TCP trace files.

Solution:

SF-SafeDump – dump, log and trace file anonymization for all platforms

How can you solve this high-risk security problem?

Our SF-SafeDump solution finally prevents your IT diagnostic files from including confidential or security-critical data, and allows them to remain completely technically usable for their actual purpose – that of solving your software problems. Our expert knowledge based on more than 15 years of experience in this field guarantees the ultimate solution to this quite tricky and hidden problem.

Your IT staff will definitely support this kind of data leakage prevention ensured by our SF-SafeDump technology!

Since fully transparent integration is ensured, SF-SafeDump always matches all current diagnostic file handling and operational procedures established with your service partners. This means there is simply no impact on how your specialists currently transfer, compress, manage and analyze their dump files. These files simply become safe and compliant by no longer unveiling any secrets!

Finally you can fully enforce your data leakage prevention policies by including even the trickiest and most technical data leaks in IT: dump, log and trace files. SF-SafeDump is the powerful measure preventing any leakage of information that may result from frequently performed diagnostic file exchanges between software users and their vendors. SF-SafeDump lets you enforce a modern and safe information provisioning policy to provide information on a need-to-know basis. Without proper anonymization, your information leakage prevention policy will definitely not be up-to-date.

Why does anonymization have to be done locally and cannot be offered as a cloud service?

The data protection risk would not be eliminated in any form by a cloud solution. You would have an order processing agreement with the cloud anonymizer, just like with the software vendor. You would have to contractually record the sensitive data and trade secrets in detail and justify why you are deliberately giving them to the outside world for no specific purpose.

The fatal consequence of anonymization outsourced to the cloud would be that external parties would have to deal intensively with your sensitive data and company secrets in various processing stages and locations. This is because they would systematize the data in order to feed it into their own algorithms. The new focus specifically on the sensitive data of companies and thus of entire economic areas would pose a disproportionately greater data protection threat than the free dispatch of dumps and logs that has taken place up to now. This went virtually unnoticed under the radar. With the cloud activities, it would become even more visible and could even become a starting point for state, intelligence or economic policy interests.

Now you understand better why we cannot offer SF-SafeDump as a cloud service. Such a service would simply be in conflict with the actual idea behind data privacy for diagnostics.

Dump, log and trace file anonymization to effectively prevent confidential data leakage and theft

Compliance

Over the past several years, compliance has become an increasingly important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.

Protection

With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!

SF Solutions

All SF solutions are invented and developed in-house. Therefore, you can count on both our unique expertise and our high level of motivation in providing you with solutions and services with maximum performance, effectiveness, and productivity.

Are you expecting a governmental audit of your mainframe platform soon, as by the BaFin, ECB, or one of the “Big Four”?

Let us help you prepare your mainframe security and compliance.

+800 - 37 333 853 or simply dial: +800 - DRFEDTKE

Call our world-wide toll-free number now!

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011)

News & IT Security Forum

Our presentation at the cyber insurance symposium

At the symposium “Cyber insurance in practice – from product development to underwriting to claims management”, we will be giving a presentation on the topic “After Microsoft key theft from crash dump: updating cyber insurance obligations”. You can find all further details here.

Worldwide toll-free phone number

+800 - 37 333 853
or simply dial:
+800 - DRFEDTKE

Alternatively:
+41 (0)41 710 7444

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011, and you have to dial 011-800-37333853)

Find Us

Headquarters

Seestrasse 3a, 6300 Zug, Switzerland

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

Write Us

Marketing
marketing@enterprise-it-security.com

Technical support and hotline
hotline@enterprise-it-security.com

Legal and compliance
legal@enterprise-it-security.com