4 Ways IT must Change to Protect your Business

By E.K. Koh, VP of Solutions at NextLabs

It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is essential, but not sufficient. What is your value at risk? It is your DATA.

Data is Valuable

In a survey by Forrester, companies noted that corporate secrets (or intellectual property) comprise 2/3 of their information portfolio, with 1/3 being customer custodial data. The figure below shows the relative value of different types of data rated on a million dollar scale: more “4 Ways IT must Change to Protect your Business”

Is this the Right time for Rights Management?

By E.K. Koh, VP of Solutions at NextLabs

It depends on whether you believe the analysts.

In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the recent European Identity Conference, Kuppinger Cole identified Secure Information Sharing as a hot topic, by calling out Rights Management as an enabler. [Source: EIC 2014: Trends and Hot Topics, Kuppinger Cole, May 2014] more “Is this the Right time for Rights Management?”

Data Retention and Disposal in the cloud

By Sudhindra Kumar, Principal Software Engineer at NextLabs

In this blog series, we’ve discussed some of the key challenges impeding adoption of the cloud. In this instalment, we’ll talk about Data Retention and Disposal in the cloud. A lot of attention is paid to cloud data protection, regulatory compliance for cloud data, and how to handle data breaches. Of equal importance are the Data Retention and Disposal requirements. Both of them are key components of a good information security strategy. more “Data Retention and Disposal in the cloud”

What are the Financial Costs of Data Loss?

By E.K. Koh, VP of Solutions at NextLabs |

The direct financial costs include future loss of revenue when trade secrets are stolen today. According to the Battelle Foundation report “2013 Global R&D Funding Forecast”, the financial costs of intellectual property theft – internal and external – are compounded over time. When trade secrets are stolen, so is the future revenue that would come from licensing and sales of the research and of the products created. more “What are the Financial Costs of Data Loss?”

SAP Field Level Security – Augmenting Roles with Attributes

By Ashwin Bhaskar, Senior Software Engineer at NextLabs

In the first part of the blog Series, we discussed the importance of ABAC (Attributes Based Access Control) as a way to augment traditional RBAC (Role Based Access Controls) for field level security.

Let us now analyze how we can go about implementing field level security using a combination of RBAC and ABAC approaches. more “SAP Field Level Security – Augmenting Roles with Attributes”

DFARS Subpart 204.73 – SAFEGUARDING UNCLASSIFIED CONTROLLED TECHNICAL INFORMATION

By Dennis Andrie,

On November 18, 2013, The Defense Acquisition Regulatory Council (DARC) issued its final ruling for Defense Acquisition Regulations System (DFARS) Subpart 204.73 and associated contract clause 252.204-7012, Safeguarding of Unclassified Controlled Technical Information.The new subpart presents a high level guide to actions that need to be undertaken by companies that contract or subcontract with the U.S. Government to protect Unclassified Controlled Technical Information in the course of executing the U.S. Government contracts. more “DFARS Subpart 204.73 – SAFEGUARDING UNCLASSIFIED CONTROLLED TECHNICAL INFORMATION”

Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud

By Sudhindra Kumar, Principal Software Engineer at NextLabs

In my previous blog, we discussed about Data Governance Policies and Regulatory Compliance.

In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. However, with the proliferation of Internet and cloud technologies, and the subsequent issues related to data breaches have put the spotlight on protecting data at rest as well. Let us take a look at different solutions for protecting data at rest and in transit: more “Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud”