SAP says customers - like the NSA - can do what they like with its software

CEO Bill McDermott says reports about SAP's role in the NSA's controversial mass surveillance projects are "misleading" but adds firm is "honoured" that it contributes to national safety.

The vendor was facing questions over ethics after it was revealed that it provides infrastructure for the US intelligence agencies to 'spy' on citizens internationally, and process data for its drone attacks.

It was listed as one of the contractors for the NSA, alongside arms company Raytheon, Lockheed Martin and Northrop.

Further, a report from German news site Zeit Online revealed that the CIA and NSA use SAP's in-memory database Hana as it is one of the fastest on the market.

It found that through the vendor's many acquisitions, it had ownership of a large percentage of surveillance analysis technology, including Inxight, Sybase and partnerships with Palantir.

McDermott said: "SAP's solutions are standard software and our customers decide how they want to use it."

SAP bought Inxight in 2007, (a database that rapidly screens data). A former software developer for intelligence, Jo Lernout, who said that many of his peers have previously worked for Inxight and now for the German vendor said: "Inxight solves the problem of the American surveillance programs to make the enormous amounts of data searchable and to obtain relevant results."

SAP then purchased US database vendor Sybase, whose largest customer is the NSA, according to the newspaper, in 2010.

German foreign intelligence department BND is looking into buying Hana, it was alleged.

McDermott retaliated: "Claims that this setup allows access to customer data are false.

"In addition, there are no so-called "backdoors" built into SAP software and customer data cannot be retrieved externally. No company is more committed to data privacy and security than SAP.

"When we talk about business challenges, few are as significant as public service and public safety. It is unquestionably within our interest to offer software to public agencies as they look to improve outcomes through innovation.

"Technology is one of the means to ensure our safety and to protect people's lives. If our technology contributes to upholding a safe, free and open society, we are honoured by this and committed to doing so with the utmost integrity."

Join the CSO newsletter!

Error: Please check your email address.

Tags securitynsaSAPsoftwarelockheed martinsybaseraytheon

More about BillInxightLockheed MartinNSATechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Margi Murphy

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts