Industry Spotlight: How does GE Oil & Gas manage operational Information Risk?

By EK Koh. Many companies need to protect sensitive intellectual property (IP) as they collaborate globally on product designs and across multi-level supply chains. They also need to comply with cross-border export regulations even as they collaborate and share technical data with global customers, partners and employees.

Container-Based Controls versus Dynamic Authorization: The Difference in Windows Environments (Part 1 of 2)

By Sandeep Chopra. If you are debating whether to upgrade to Windows Server 2012, plenty of articles describe its new security benefits (for example, see here and here). Fewer articles discuss the basic shift in Access Management this release can enable. To understand the potential benefits of one key feature, Dynamic Access Control, it’s useful … More Container-Based Controls versus Dynamic Authorization: The Difference in Windows Environments (Part 1 of 2)

Combining Role-Based Access Control with Attribute-Based Access Control for Export Compliance

By Soujanya Madhurapantula. Recap: the 2-layer SAP authorization model In our previous post, we introduced a 2-layer SAP authorisation model: a combination of Role-Based Access Control plus Attribute-Based Access Control. To comply with regulatory mandates such as export control, where access to data is dependent on multiple factors, such as location, nationality and content, it … More Combining Role-Based Access Control with Attribute-Based Access Control for Export Compliance