What will data-centric security look like over the next 5 years?

As we inch closer to the end of the decade, it doesn’t hurt to start thinking about what the 2020’s will bring in terms of data security.  So, we put on our thinking caps and came up with how we see the data security landscape shaping up as we enter a new decade.

Simply put, we see “data safety” becoming the new data security.  The term “data security” has been around for awhile, but we need to start rethinking the term’s relevance as we tread deeper into a more digitally driven world.

If you want to read up on how we see this world evolving, you can download the paper here.

Upcoming Event: Next-Gen SAP Access Governance Solutions

Organizations today face unique security challenges within their SAP ecosystems. Specifically, they need to protect their sensitive data within their SAP applications and other business-critical applications as well as the data shared with partners and suppliers.

KPMG, a NextLabs partner, will be hosting an event in its New York City office, “Next-Gen SAP Access Governance Solutions: Protecting Data & Regulatory Compliance” on November 22, 10am ET, where you’ll see live demos on how you can leverage Dynamic Authorization Management, Attribute-Based Access Control, Enterprise Digital Rights Management, and Cloud Access Governance to overcome these challenges.

You’ll walk away with a better understanding of the use cases, the solutions, and industry best practices for enhancing your security posture within your SAP and non-SAP environments.

So, click here to secure your spot today!

NextLabs included in Gartner research on data-centric security architecture

Gartner recently published Technical Professional Advice on “How to Successfully Design and Implement a Data-Centric Security Architecture” on July 22, 2019. One of their recommendations is that security and risk management technical professionals dealing with application and data security “should adopt a holistic approach to increase the agility, effectiveness and completeness of data security and protection, by using the framework provided in this research.” 

NextLabs provides solutions across all three Control Families (Insight, Confidentiality Protection, and Monitoring and Response), across multiple data silos (e.g., databases, Big Data, Files and SaaS), and across the different data access types (in app, on access, and at rest).

If you’d like to learn more details about how you can mitigate the threats and compliance issues impacting your data, check out the full Gartner report here (if you’re a Gartner subscriber) or shoot us an email at info@nextlabs.com to see how we can help you design a data-centric security architecture appropriate for your environment.

Identity and Security Go Hand in Hand

We’re in the midst of a key paradigm shift when it comes to security. Instead of focusing on the perimeter like in the old days, attention has now turned to focusing on the data itself. What with the proliferation of cloud services, mobile and IoT advancements, and increasingly globalized workforces, trying to contain the perimeter hasn’t gotten out of hand.

As a result, security professionals are developing strategies and implementing solutions focused on controlling access to sensitive data stores and applications themselves as these are where the most sensitive and/or confidential data originate from.

Thankfully, NextLabs and the Identity-Defined Security Alliance (IDSA) were prescient enough to see this trend coming. The IDSA is comprised of two dozen identity and security vendors (including NextLabs), solution providers, and practitioners that act as an independent source of education and information on identity-centric security strategies. The group facilitates collaboration via a knowledge base spanning practical guidance, best practices, and validated solutions for reducing the risk of data breaches.

Just this week the IDSA released a white paper, “The Path to Zero Trust Starts with Identity,” that examines the Zero Trust paradigm from the point of view of an entire alliance, as opposed to just one vendor’s interpretation.

Ultimately, the IDSA believes that identity-centric security controls can help organizations combine identity and security capabilities to improve their security postures. From unstructured data to applications to attributes, managing and controlling access from identity to data is the key.

For more info…
To read more about the Zero Trust model, you can download the paper here. Additionally, if you’d like to see a demo on how NextLabs can help you put the Zero Trust model into action, click here.

Upcoming Webinar: Next Generation Security Considerations for SAP

KPMG - Securing the ERP Webcast

SAP security requirements are becoming increasingly complex. Security threats, data restrictions, emerging regulations, and innovation in technology is leading traditional approaches to security and access governance to become costly, unmanageable, and without adequate risk coverage in many cases. As your technology landscape evolves, so should your approach to managing security and access governance.

KPMG, a NextLabs partner, will be hosting a webcast, “ERP Risk Series – Next Generation Security Considerations for SAP” on July 11, 2pm ET. They’ll discuss strategies for evolving your access governance and next generation SAP security considerations. The webcast will be hosted by Brian Jensen (Managing Director of the Oracle Risk Management Team), and the featured presenter will be Jonathan Levitt (Director Advisory, GRC Technology).

One CPE credit will be available to U.S. participants who meet the eligibility requirements.

So, click here to secure your spot today!

NextLabs Deepens Its Microsoft Support

Microsoft Dynamics 365

In keeping with our extensive support for Microsoft applications, NextLabs now announces the release of its latest version of Entitlement Manager for Microsoft Dynamics 365 (EM for Dynamics), Microsoft’s CRM application.

We listened to our customers, looked at where the market was headed, and added features consistent with the NextLabs mission of protecting data whether at rest or on the move. This latest release also reflects our deep commitment to the Microsoft stack, augmenting our current support for SharePoint, Exchange, and Outlook.

EM for Dynamics reinforces that commitment with even more granularity and flexibility for Dynamics CRM. 

“Refresh my memory . . . what is Microsoft Dynamics again?”

Microsoft Dynamics CRM is a multi-faceted platform where everything you need to develop, enhance, and retain your client relationships is stored. It centralizes customer information, business intelligence, the ability to track sales opportunities, and more in one application. EM for Dynamics sits on the Microsoft Dynamics CRM Server and works with both on-premises and cloud deployments of Dynamics.

“What are the potential landmines of Dynamics?”

The ease with which Dynamics CRM enables collaborators to share data and manage their own fine-tuned access controls can lead to serious risk exposure in terms of inappropriate data access, distribution, and loss.

To address this challenge, EM for Dynamics was developed to enhance compliance and security for this leading CRM application. It enforces policies on the application across different Dynamics entities, such as contact, account, and so on. Based on policies, EM for Dynamics filters entity records by user attributes and entity attributes. For example, the application can enforce policies to allow account executives to view only those accounts that match their business unit and industry.

“You’ll get nothing and like it . . .”

If your company has very strict controls over who can access what in Dynamics, NextLabs now enables you to shut off access to any records in Dynamics by default. With this policy turned on, users can’t access any records unless explicitly allowed by policy. Thus, users won’t be able to View, Create, Edit, or Delete without permission.

With this approach, enterprises ensure that that their users can only access the Dynamics 365 data they need to do their jobs and are not inadvertently given access to sensitive, classified, or regulated data.

“You can go to prom, but you gotta be back by 1am”

If you don’t want to opt for the “you’ll get nothing and like it” approach to data security and prefer some flexibility, EM for Dynamics now allows you to filter data either at the record level or the field level. You can even make authorization decisions based on user attributes from the native CRM user records.

These new features ensure enterprises have the flexibility to control access to data as granularly as needed by the business or as required by policy – either at the object or field level. They also give enterprises an easy way to make actionable information available to users who would otherwise be denied access to data by policy.

Here are some other examples of the flexibility now afforded by EM for Dynamics:

  • Apply Security Filter: Allows the filtering of entity records based on the user attributes and the entity attributes
  • Display Policy Violation Message: Displays a message to users when a policy violation happens.
  • Inherit Policies From: Allows the filtering of entity records subject to the policy against its “secured” direct parent entities.
  • Apply Security Filter Based on Parent Attributes: Allows the filtering of entity records subject to the attributes against its “secured” direct parent entities.
  • Mask Fields: Allows the masking of specific fields in a record.

For more info . . .

If you’re interested in learning more about NextLabs’ solutions for the entire Microsoft stack, and not just Dynamics, click here.

Words of Wisdom: How to Ensure a Successful ABAC Implementation

Attribute-based access control (“ABAC” for short) has reached the point of mass adoption with respect to access control technologies. In fact, the National Cybersecurity Center of Excellence developed a reference design for ABAC that provides organizations “greater efficiency, flexibility, scalability security.”[1] To ensure that those benefits are realized, however, it’s essential to establish best practice guidelines when it comes to implementing ABAC successfully.

ABAC can be instrumental in reducing enterprise risks such as insider threats, loss of customer data and personally identifiable information (PII), leakage of trade secrets and intellectual property, and fraud. The use of context in access decisions can also lead to substantial cost savings since ABAC systems enable more efficient policy management and regulatory compliance. Furthermore, organizations can continue to leverage much, if not all, of their previous investment in existing IT infrastructure. more “Words of Wisdom: How to Ensure a Successful ABAC Implementation”

Could Your Car Be Hacked? It’s More Possible Than You Think.

When you’re driving your car, you view it as something completely protected. You’re driving it, and if you’ve maintained it, it’s going to likely drive as it should. I recently spoke with a friend who said he views his car as a ‘black box’; he drives it, but he relies on his mechanic to tell him if something is wrong with it. The unfortunate reality is that now, even while you’re driving, your car could potentially be taken over by a rogue hacker.

While it may sound like something out of a spy thriller or sci-fi novel, over the last few years, hackers have found numerous ways to hack into a vehicle, from taking over the on-board navigation system through an unsecured WiFi network designed to look like a public network, to hacking into a local mechanic’s diagnostic system then using that system to access the car’s on-board diagnostics.  more “Could Your Car Be Hacked? It’s More Possible Than You Think.”