NextLabs Deepens Its Microsoft Support

Microsoft Dynamics 365

In keeping with our extensive support for Microsoft applications, NextLabs now announces the release of its latest version of Entitlement Manager for Microsoft Dynamics 365 (EM for Dynamics), Microsoft’s CRM application.

We listened to our customers, looked at where the market was headed, and added features consistent with the NextLabs mission of protecting data whether at rest or on the move. This latest release also reflects our deep commitment to the Microsoft stack, augmenting our current support for SharePoint, Exchange, and Outlook.

EM for Dynamics reinforces that commitment with even more granularity and flexibility for Dynamics CRM. 

“Refresh my memory . . . what is Microsoft Dynamics again?”

Microsoft Dynamics CRM is a multi-faceted platform where everything you need to develop, enhance, and retain your client relationships is stored. It centralizes customer information, business intelligence, the ability to track sales opportunities, and more in one application. EM for Dynamics sits on the Microsoft Dynamics CRM Server and works with both on-premises and cloud deployments of Dynamics.

“What are the potential landmines of Dynamics?”

The ease with which Dynamics CRM enables collaborators to share data and manage their own fine-tuned access controls can lead to serious risk exposure in terms of inappropriate data access, distribution, and loss.

To address this challenge, EM for Dynamics was developed to enhance compliance and security for this leading CRM application. It enforces policies on the application across different Dynamics entities, such as contact, account, and so on. Based on policies, EM for Dynamics filters entity records by user attributes and entity attributes. For example, the application can enforce policies to allow account executives to view only those accounts that match their business unit and industry.

“You’ll get nothing and like it . . .”

If your company has very strict controls over who can access what in Dynamics, NextLabs now enables you to shut off access to any records in Dynamics by default. With this policy turned on, users can’t access any records unless explicitly allowed by policy. Thus, users won’t be able to View, Create, Edit, or Delete without permission.

With this approach, enterprises ensure that that their users can only access the Dynamics 365 data they need to do their jobs and are not inadvertently given access to sensitive, classified, or regulated data.

“You can go to prom, but you gotta be back by 1am”

If you don’t want to opt for the “you’ll get nothing and like it” approach to data security and prefer some flexibility, EM for Dynamics now allows you to filter data either at the record level or the field level. You can even make authorization decisions based on user attributes from the native CRM user records.

These new features ensure enterprises have the flexibility to control access to data as granularly as needed by the business or as required by policy – either at the object or field level. They also give enterprises an easy way to make actionable information available to users who would otherwise be denied access to data by policy.

Here are some other examples of the flexibility now afforded by EM for Dynamics:

  • Apply Security Filter: Allows the filtering of entity records based on the user attributes and the entity attributes
  • Display Policy Violation Message: Displays a message to users when a policy violation happens.
  • Inherit Policies From: Allows the filtering of entity records subject to the policy against its “secured” direct parent entities.
  • Apply Security Filter Based on Parent Attributes: Allows the filtering of entity records subject to the attributes against its “secured” direct parent entities.
  • Mask Fields: Allows the masking of specific fields in a record.

For more info . . .

If you’re interested in learning more about NextLabs’ solutions for the entire Microsoft stack, and not just Dynamics, click here.

Guy Bursell Shares About the Challenges of Data in the Extended Enterprise Ecosystem

NextLabs partners closely with Siemens to help protect Teamcenter PLM data across the extended enterprise. In the age of Industry 4.0, manufacturing has changed — intellectual property is shared with third party manufacturing partners. NextLabs Enterprise Digital Rights Management solution for Siemens Teamcenter provides the protection organizations need to ensure their intellectual property is secure. Guy Bursell, Siemens Teamcenter Product Manager, has shared this article that gives an in-depth look at the challenges and risks companies must consider across their entire engineering and manufacturing ecosystems. more “Guy Bursell Shares About the Challenges of Data in the Extended Enterprise Ecosystem”

Protecting Intellectual Property for Product Lifecycle Management (PLM): The Right Way to Do Rights Management

Beyond Cyber-Hacking: The Growing Threats of Internal Theft and Data Mishandling

Designers and manufacturers of high tech products and services, particularly in aerospace and defense, have always spent huge amounts of money to protect intellectual property (IP) from loss and leak. The bulk of security efforts typically focuses on the growing threat of external intrusion from outside the company, particularly from overseas cyber-hackers. This focus is not surprising given the media attention on high profile cyber-hacking incidents, especially the details divulged by the Snowden documents. NSA documents reveal a huge amount of data related to defense technologies being stolen: the equivalent of five Libraries of Congress (50 terabytes). more “Protecting Intellectual Property for Product Lifecycle Management (PLM): The Right Way to Do Rights Management”

Real Time Enforcement for Risk Management

As companies grow and expand globally, there is an increasing number of enterprise application users, and with this growth, an ever increasing risk of security breaches and violations. As enterprises are becoming more susceptible to security risks and violations from internal users, businesses are moving towards implementing more preventative measures rather than staying in reactive mode.

SAP GRC enables organizations to establish effective internal controls, along with processes to make sure these controls remain consistent, updated and cost-effective to manage. Administrators can now use a single SAP GRC framework to monitor and enforce business, compliance and security policies across the enterprise. SAP has enhanced the GRC offering to include the SAP Dynamic Authorization Management  by NextLabs to ensure that companies can quickly adapt to changing policies and streamline enforcement and administration of those policies. more “Real Time Enforcement for Risk Management”

Data Segregation: Missing piece in securing Enterprise Content

By Soujanya Madhurapantula, Senior Product Manager at NextLabs

I have had the same conversation with a lot of our customers… it keeps me awake at night.

Here is how many customers have described it to me:

We have millions of documents sitting in our enterprise application servers that we know are accessible to all our users. We are subject to regulations that require us to identify classified documents within these large sets of data, and segregate them into restricted servers. It is also important for us to restrict users from storing documents in the wrong servers. We are not sure how to segregate this data and put them into the right physical servers. This project is so complex, we do not even know where to start. more “Data Segregation: Missing piece in securing Enterprise Content”

SAP Field Level Security – Augmenting Roles with Attributes

By Ashwin Bhaskar, Senior Software Engineer at NextLabs

In the first part of the blog Series, we discussed the importance of ABAC (Attributes Based Access Control) as a way to augment traditional RBAC (Role Based Access Controls) for field level security.

Let us now analyze how we can go about implementing field level security using a combination of RBAC and ABAC approaches. more “SAP Field Level Security – Augmenting Roles with Attributes”

SAP Field Level Security – what are my options?

By Ashwin Bhaskar, Senior Software Engineer at NextLabs

Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions at a field level. For example, take a digital product catalog used by multiple departments within an enterprise, the view screen hides pricing information for products from a customer support rep that just needs to view technical product information. Whereas, a sales rep viewing the same product catalog would be able to view both technical and pricing information, but cannot make modifications.   Granted another level of access. is the pricing team, that can view and modify the price fields of the product catalog. more “SAP Field Level Security – what are my options?”