Attribute-based access control (“ABAC” for short) has reached the point of mass adoption with respect to access control technologies. In fact, the National Cybersecurity Center of Excellence developed a reference design for ABAC that provides organizations “greater efficiency, flexibility, scalability security.” To ensure that those benefits are realized, however, it’s essential to establish best practice guidelines when it comes to implementing ABAC successfully.
ABAC can be instrumental in reducing enterprise risks such as insider threats, loss of customer data and personally identifiable information (PII), leakage of trade secrets and intellectual property, and fraud. The use of context in access decisions can also lead to substantial cost savings since ABAC systems enable more efficient policy management and regulatory compliance. Furthermore, organizations can continue to leverage much, if not all, of their previous investment in existing IT infrastructure. more “Words of Wisdom: How to Ensure a Successful ABAC Implementation”
If you’re unfamiliar with dynamic authorization, be prepared for an epiphany of sorts. It could very well be the biggest little secret you’ve never heard of with respect to data security. What with all the cloud apps, mobile devices, Big Data, and productivity tools that consume our professional lives these days, legacy access control solutions are having a difficult time keeping pace. more “Why Dynamic Authorization Is a Big Deal in Data Security”
Securing customer data in property and casualty insurance, life & savings, and asset management products is tantamount to protecting a company’s ethos. After all, organizations in this industry gain brand loyalty by promising to give customers “peace of mind,” which now includes maintaining the privacy and security of their information.
However, one leading global insurance company reports that another business mandate, offering best-in-class customer service, can pose challenges to the mandate to protect customer data. How does an organization provide anytime, anywhere access to services while also protecting confidential customer data from unauthorized access and leaks? more “Providing secure access to information for improved customer service while streamlining IT operations”
In today’s collaborative world, eDRM (Enterprise Digital Rights Management) is proving to be one of the most effective ways to share documents with partners. eDRM is a technology that enables companies to restrict access to documents containing sensitive information, both inside and outside the corporate firewall. Documents are rights-protected using AES encryption, and policies are then applied to control access and usage rights (view, edit, print, etc.). If a user is not entitled to view the document, he cannot open it. If he is entitled to view the document, usage may be restricted. more “The Case for Attribute-Based Policies in eDRM”
By E.K. Koh, VP of Solutions at NextLabs
It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is essential, but not sufficient. What is your value at risk? It is your DATA.
Data is Valuable
In a survey by Forrester, companies noted that corporate secrets (or intellectual property) comprise 2/3 of their information portfolio, with 1/3 being customer custodial data. The figure below shows the relative value of different types of data rated on a million dollar scale: more “4 Ways IT must Change to Protect your Business”
By E.K. Koh, VP of Solutions at NextLabs
It depends on whether you believe the analysts.
In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the recent European Identity Conference, Kuppinger Cole identified Secure Information Sharing as a hot topic, by calling out Rights Management as an enabler. [Source: EIC 2014: Trends and Hot Topics, Kuppinger Cole, May 2014] more “Is this the Right time for Rights Management?”
By Sudhindra Kumar, Principal Software Engineer at NextLabs
In this blog series, we’ve discussed some of the key challenges impeding adoption of the cloud. In this instalment, we’ll talk about Data Retention and Disposal in the cloud. A lot of attention is paid to cloud data protection, regulatory compliance for cloud data, and how to handle data breaches. Of equal importance are the Data Retention and Disposal requirements. Both of them are key components of a good information security strategy. more “Data Retention and Disposal in the cloud”
By E.K. Koh, VP of Solutions at NextLabs
The direct financial costs include future loss of revenue when trade secrets are stolen today. According to the Battelle Foundation report “2013 Global R&D Funding Forecast”, the financial costs of intellectual property theft – internal and external – are compounded over time. When trade secrets are stolen, so is the future revenue that would come from licensing and sales of the research and of the products created. more “What are the Financial Costs of Data Loss?”