NextLabs included in Gartner research on data-centric security architecture

Gartner recently published Technical Professional Advice on “How to Successfully Design and Implement a Data-Centric Security Architecture” on July 22, 2019. One of their recommendations is that security and risk management technical professionals dealing with application and data security “should adopt a holistic approach to increase the agility, effectiveness and completeness of data security and protection, by using the framework provided in this research.” 

NextLabs provides solutions across all three Control Families (Insight, Confidentiality Protection, and Monitoring and Response), across multiple data silos (e.g., databases, Big Data, Files and SaaS), and across the different data access types (in app, on access, and at rest).

If you’d like to learn more details about how you can mitigate the threats and compliance issues impacting your data, check out the full Gartner report here (if you’re a Gartner subscriber) or shoot us an email at info@nextlabs.com to see how we can help you design a data-centric security architecture appropriate for your environment.

4 Ways IT must Change to Protect your Business

By E.K. Koh, VP of Solutions at NextLabs

It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is essential, but not sufficient. What is your value at risk? It is your DATA.

Data is Valuable

In a survey by Forrester, companies noted that corporate secrets (or intellectual property) comprise 2/3 of their information portfolio, with 1/3 being customer custodial data. The figure below shows the relative value of different types of data rated on a million dollar scale: more “4 Ways IT must Change to Protect your Business”

SAP Field Level Security – what are my options?

By Ashwin Bhaskar, Senior Software Engineer at NextLabs

Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions at a field level. For example, take a digital product catalog used by multiple departments within an enterprise, the view screen hides pricing information for products from a customer support rep that just needs to view technical product information. Whereas, a sales rep viewing the same product catalog would be able to view both technical and pricing information, but cannot make modifications.   Granted another level of access. is the pricing team, that can view and modify the price fields of the product catalog. more “SAP Field Level Security – what are my options?”

DAC in 2 Minutes

By Sandeep Chopra.

In my last two posts on Dynamic Access Control (DAC), I described some of the limitations of traditional approaches to Authorization Management (see here) and how dynamic authorization is different (see here). It’s all about choosing the right tool for the job. more “DAC in 2 Minutes”

Industry Spotlight: How does GE Oil & Gas manage operational Information Risk?

By EK Koh.

Many companies need to protect sensitive intellectual property (IP) as they collaborate globally on product designs and across multi-level supply chains. They also need to comply with cross-border export regulations even as they collaborate and share technical data with global customers, partners and employees. more “Industry Spotlight: How does GE Oil & Gas manage operational Information Risk?”