By EK Koh
Recently Forrester published a report titled “Twelve Recommendations for your Security Program in 2014”. There are many good recommendations. One of them is: “Define your Data and give it an Identity to better protect it”.
This is timely. more “Give your Data an Identity?”
By Ashwin Bhaskar, Senior Software Engineer at NextLabs
Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions to the field level. For example, take a digital product catalog used by multiple departments within an enterprise: the view screen hides pricing information for products from a customer support rep who just needs to view technical product information, whereas a sales rep viewing the same product catalog would be able to view both technical and pricing information, but cannot make modifications. Granted another level of access is the pricing team, which can view and modify the price fields of the product catalog. more “SAP Field Level Security – what are my options?”
By Sudhindra Kumar, Principal Software Engineer at NextLabs
In my previous blog, we discussed Data Governance Policies and Regulatory Compliance.
In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. However, the proliferation of Internet and cloud technologies and the subsequent issues related to data breaches have put the spotlight on protecting data at rest as well. Let us take a look at different solutions for protecting data at rest and in transit: more “Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud”
By E.K. Koh
In my last blog, Would data-level controls have stopped Snowden, I highlighted the importance of separating system rights from data rights. But what if Snowden was using a login credential that in fact grants him rights to sensitive data? Accounts vary, but in the blog What the Snowden affair taught us, Anand alluded to the fact that Snowden gained access by stealing credentials of users with higher privilege. Unfortunately, even a system with fine-grained data entitlement capabilities will not be able to stop Snowden, under his new identity, from copying sensitive data. more “Can we turn off Snowden’s access after the fact?”
By Sandeep Chopra.
“Attributes” is the new Role?
At the last Gartner Identity and Access Summit in Nov 2013, Gregg Kreizman, Research VP at Gartner, made a prediction that by 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from <5% today.
In Oct 2013, NIST published their report titled “Guide to Attribute-based Access Control Definition and Consideration”, which we discussed in an earlier blog. This is recognition that organizations, including the federal government, need to govern how information is shared across systems, applications, and organizations. more “Attributes is the new role?”
By Anand Kotti
With the use of computer networks and information systems come security risks. The risks range from unauthorized access to loss, theft and cyber-attack on sensitive data. In the recent past, there has been an increase in security breaches by insiders threatening to leak information confidential to US federal authorities, which caught us completely off guard. more “What the Snowden affair taught us…the Super User problem”
By Andy Han
SharePoint 2013, made generally available (GA) earlier this year, introduces several new features that will impact how information is shared across the enterprise: new social capabilities, improved search, cross-site publishing, and a roadmap for companies that want to move to Office 365 in the Azure cloud. The net impact seems to be that sharing information inside and outside an organization will be even easier. This will likely create new challenges for organizations that want to control how teams are accessing and distributing data in SharePoint. more “SharePoint 2013: Exciting new capabilities to share (leak?) sensitive data”
By Sandeep Chopra.
In my previous post on access control in Windows Fileservers before Windows Server 2012, I argued that container-based authorization can be the right tool for the job when… more “Container Based Controls versus Dynamic Authorization: The Difference in Windows Environments (Part 2)”