If you’re unfamiliar with dynamic authorization, be prepared for an epiphany of sorts. It could very well be the biggest little secret you’ve never heard of with respect to data security. What with all the cloud apps, mobile devices, Big Data, and productivity tools that consume our professional lives these days, legacy access control solutions are having a difficult time keeping pace. more “Why Dynamic Authorization Is a Big Deal in Data Security”
NextLabs routinely advises customers whose businesses handle Controlled Technical Data (CTD) such as ITAR, EAR, and data controlled by non-US Jurisdictions, to take a proactive, systematic approach to managing CTD throughout its lifecycle. Many of these enterprises have been in business for a number of decades, during which time they have created substantial CTD organically, and acquired additional CTD through various business transactions and transformations. The CTD routinely spans every type of electronic storage that has ever been used in the enterprise. A portion of this CTD, in some cases a substantial portion, has reached Legacy CTD status, which means that it is no longer actively used in the normal business operations of the enterprise. more “A Systematic Approach to Controlled Technical Data”
“Securing customer data in property and casualty insurance, life & savings, and asset management products is tantamount to protecting a company’s ethos. After all, organizations in this industry gain brand loyalty by promising to give customers’ “peace of mind,” which now includes maintaining the privacy and security of their information.
However, one leading global insurance company reports that another business mandate— offering best-in-class customer service—can pose challenges to the mandate to protect customer data. How does an organization provide anytime, anywhere access to services, while also protecting confidential customer data from unauthorized access and leak? more “Providing secure access to information for improved customer service while streamlining IT operations”
Beyond Cyber-Hacking: The Growing Threats of Internal Theft and Data Mishandling
Designers and manufacturers of high tech products and services, particularly in aerospace and defense, have always spent huge amounts of money to protect intellectual property (IP) from loss and leak. The bulk of security efforts typically focuses on the growing threat of external intrusion from outside the company, particularly from overseas cyber-hackers. This focus is not surprising given the media attention on high profile cyber-hacking incidents, especially the details divulged by the Snowden documents. NSA documents reveal a huge amount of data related to defense technologies being stolen: the equivalent of five Libraries of Congress (50 terabytes). more “Protecting Intellectual Property for Product Lifecycle Management (PLM): The Right Way to Do Rights Management”
In today’s collaborative world, eDRM (Enterprise Digital Rights Management) is proving to be one of the most effective ways to share documents with partners. EDRM is a technology that enables companies to restrict access to documents containing sensitive information, both inside and outside the corporate firewall. The way it works is documents are rights protected using AES encryption and then policies are applied to control access and usage rights (view, edit, print, etc.). If a user is not entitled to view the document, he cannot open it. If he is entitled to view the document, usage may be restricted. more “The Case for Attribute-Based Policies in eDRM”
In their recent article on Big Data Management and Trends, Gartner identifies Enterprise Data as one of the key challenges facing organizations. The challenge is consolidating data from disparate sources across the extended enterprise and transforming it into critical business intelligence.
“You have many data disparate sources – from your enterprise’s ‘dark data’ and partner, employee, customer and supplier data to public, commercial and social media data – that you need to link and exploit to its fullest value.”
As companies grow and expand globally, there is an increasing number of enterprise application users, and with this growth, an ever increasing risk of security breaches and violations. As enterprises are becoming more susceptible to security risks and violations from internal users, businesses are moving towards implementing more preventative measures rather than staying in reactive mode.
SAP GRC enables organizations to establish effective internal controls, along with processes to make sure these controls remain consistent, updated and cost-effective to manage. Administrators can now use a single SAP GRC framework to monitor and enforce business, compliance and security policies across the enterprise. SAP has enhanced the GRC offering to include the SAP Dynamic Authorization Management by NextLabs to ensure that companies can quickly adapt to changing policies and streamline enforcement and administration of those policies. more “Real Time Enforcement for Risk Management”
By E.K. Koh, VP of Solutions, NextLabs, Inc.
An interview with Luis F. Dannenfels, Senior Principal Architect, Raytheon
NextLabs recently sat down with Luis F. Dannenfels, Senior Principal Architect at Raytheon, to discuss the challenges that A&D companies face in the age of globalization and access anywhere, from any device. Luis talks about the challenges and the solutions. Below is an excerpt of the interview: more “Data Security Challenges for the Global A&D Supply Chain”