This document describes the overall approach to security and authorisations taken by the ERP Rebuild program across the applications and processes in its scope. It defines a number of general security aims and objectives, and the principles and specific design choices made to ensure these aims are realised by the project. The subsequent Detailed Design phase of the project will further expand on the level of detail in many areas, such as authorisation role design, specific Segregation of Duties rules, etc. in line with the principles and approaches described here.

General Security Approach

SyWay Project > Security Approach > Security Approach - Inverted Pyramid.png

The diagram in this section aims to visually describe the general approach taken by the ERP Rebuild security design.

Sensitive IP tends to be concentrated in R&I and Manufacturing

As an innovation-driven, science-based company which manufactures many proprietary and highly-specialised products, the sensitive intellectual property of Syensqo is more concentrated in IT systems at or near to the "shop floor", as compared to enterprise systems such as CRM, Supply Chain Planning, or even ERP. Sensitive IP includes proprietary data about Syensqo's products and their design, formulation, composition, and manufacture, but also information about the design and configuration of the manufacturing processes themselves. Loss of such information could benefit Syensqo's competition and erode the company's market position, and thus this must be closely guarded.

Enterprise Systems hold comparatively less Sensitive IP

Enterprise systems farther removed from the research and manufacturing operations may of course contain data which must be safeguarded against improper access or loss, such as financial data or personal information, but generally contain less sensitive intellectual property than systems in the R&I and manufacturing domains. Legal and regulatory requirements may exist to mandate specific safeguards for any kind of data regardless of which systems they reside in. However sensitive IP is distinguished by the need to closely control access even in the absence of specific regulatory requirements due to the value to Syensqo.

As can be seen in the diagram, ERP systems straddle the boundary between these "top floor" and "shop floor" worlds. ERP systems contain some limited "shop floor" IP, such as bills of materials, but this is generally a small fraction of the total. Due to this limited volume, and the limited number of users and processes which must access this, targeted security controls can thus be implemented to protect it.

Access to Sensitive IP will be narrowly constrained

As a general principle, the more closely data is related to manufacturing, product development, and other "shop floor" concerns, the more restricted the access. At its most extreme, access to Bills of Material will be granted to only those users who require this for their jobs, and only to those materials extended to the locations at which those users work and their GBU. To implement the need to know and least-privilege principles, personnel with manufacturing access inside ERP will not be able to see sensitive data about materials not explicitly marked as relevant to their work locations or GBUs.

Broad access across organisation units precludes access to Sensitive IP

Users who, by virtue of their job, require access to data from multiple Plants or across GBUs, such as workers in GBS or Transversal functions, will be prevented from accessing sensitive IP altogether. Many job functions genuinely require access to data across multiple plants, countries, GBUs, or other organisation structures. However such access cannot be granted to Sensitive IP due to the risk of large-scale disclosure and loss.

The principle of least privilege continues to apply here to limit access only to the data required for the user's job. For example, a Regional Transportation Planner will have access only to their assigned region, rather than to all data globally.

Regulatory constraints are enforced at all times

Regulatory requirements such as export controls may place additional restrictions upon data access. These will be enforced using systematic controls at all times, and will act in addition to the organisational restrictions explained above.