4 Ways IT must Change to Protect your Business

By E.K. Koh, VP of Solutions at NextLabs

It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is essential, but not sufficient. What is your value at risk? It is your DATA.

Data is Valuable

In a survey by Forrester, companies noted that corporate secrets (or intellectual property) comprise 2/3 of their information portfolio, with 1/3 being customer custodial data. The figure below shows the relative value of different types of data rated on a million dollar scale: more “4 Ways IT must Change to Protect your Business”

Is this the Right time for Rights Management?

By E.K. Koh, VP of Solutions at NextLabs

It depends on whether you believe the analysts.

In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the recent European Identity Conference, Kuppinger Cole identified Secure Information Sharing as a hot topic, by calling out Rights Management as an enabler. [Source: EIC 2014: Trends and Hot Topics, Kuppinger Cole, May 2014] more “Is this the Right time for Rights Management?”

SAP Field Level Security – Augmenting Roles with Attributes

By Ashwin Bhaskar, Senior Software Engineer at NextLabs

In the first part of the blog Series, we discussed the importance of ABAC (Attributes Based Access Control) as a way to augment traditional RBAC (Role Based Access Controls) for field level security.

Let us now analyze how we can go about implementing field level security using a combination of RBAC and ABAC approaches. more “SAP Field Level Security – Augmenting Roles with Attributes”

Data Security in the Cloud – beyond Encryption

by Sudhindra Kumar, Principal Software Engineer at NextLabs

Kentucky recently joined 46 other states in the U.S. that enacted a data breach notification law.  California is the vanguard – enacting the first such law in 2002.  And now, the high profile data breaches of retailers Target and Neiman Marcus are serving as stimulants for revisions to and improvements of the breach notification laws. more “Data Security in the Cloud – beyond Encryption”

Attributes is the new role?

By Sandeep Chopra.

“Attributes” is the new Role?

In the last Gartner Identity and Access Summit in Nov 2013, Gregg Kreizmann, Research VP in Gartner, made a prediction that by 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from <5% today.

In Oct 2013, NIST published their report titled “Guide to Attribute-based Access Control Definition and Consideration”, which we discussed in an earlier blog. This is recognition that organizations, including the federal government, need to govern how information is shared across systems, applications, and organizations. more “Attributes is the new role?”