By Soujanya Madhurapantula, Senior Product Manager at NextLabs I have had the same conversation with a lot of our customers… it keeps me awake at night. Here is how many customers have described it to me: We have millions of documents sitting in our enterprise application servers that we know are accessible to all our … More Data Segregation: Missing piece in securing Enterprise Content
By Ashwin Bhaskar, Senior Software Engineer at NextLabs In the first part of the blog Series, we discussed the importance of ABAC (Attributes Based Access Control) as a way to augment traditional RBAC (Role Based Access Controls) for field level security. Let us now analyze how we can go about implementing field level security … More SAP Field Level Security – Augmenting Roles with Attributes
by Sudhindra Kumar, Principal Software Engineer at NextLabs Kentucky recently joined 46 other states in the U.S. that enacted a data breach notification law. California is the vanguard – enacting the first such law in 2002. And now, the high profile data breaches of retailers Target and Neiman Marcus are serving as stimulants for revisions to and … More Data Security in the Cloud – beyond Encryption
By EK Koh | Recently Forrester published a report titled “Twelve Recommendations for your Security Program in 2014”. There are many good recommendations. One of them is: “Define your Data and give it an Identity to better protect it”. This is timely. In a recent Ponemon Cost of Data Breach Study, the cost of a … More Give your Data an Identity?
By Ashwin Bhaskar, Senior Software Engineer at NextLabs Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions at a field level. For example, take a digital product catalog … More SAP Field Level Security – what are my options?
By Dennis Andrie, On November 18, 2013, The Defense Acquisition Regulatory Council (DARC) issued its final ruling for Defense Acquisition Regulations System (DFARS) Subpart 204.73 and associated contract clause 252.204-7012, Safeguarding of Unclassified Controlled Technical Information.The new subpart presents a high level guide to actions that need to be undertaken by companies that contract or … More DFARS Subpart 204.73 – SAFEGUARDING UNCLASSIFIED CONTROLLED TECHNICAL INFORMATION
By Mandy Pang Microsoft SharePoint server is an outstanding and widely adopted collaboration platform for sharing business-critical data. However, enterprises are finding that SharePoint’s permissions-based security model is not scalable and doesn’t provide adequate controls for sensitive, regulated, and highly valuable data. There is a rapid proliferation of SharePoint sites and data, as well as … More Do you have SharePoint Site Explosion?