By E.K. Koh, VP of Solutions at NextLabs It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is … More 4 Ways IT must Change to Protect your Business
By E.K. Koh, VP of Solutions at NextLabs It depends on whether you believe the analysts. In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the … More Is this the Right time for Rights Management?
by Sudhindra Kumar, Principal Software Engineer at NextLabs Kentucky recently joined 46 other states in the U.S. that enacted a data breach notification law. California is the vanguard – enacting the first such law in 2002. And now, the high profile data breaches of retailers Target and Neiman Marcus are serving as stimulants for revisions to and … More Data Security in the Cloud – beyond Encryption
By Ashwin Bhaskar, Senior Software Engineer at NextLabs Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions at a field level. For example, take a digital product catalog … More SAP Field Level Security – what are my options?
By Sudhindra Kumar, Principal Software Engineer at NextLabs In my previous blog, we discussed about Data Governance Policies and Regulatory Compliance. In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. … More Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud
By E.K. Koh In my last blog, Would data-level controls have stopped Snowden, I highlighted the importance to separate system rights from data rights. But what if Snowden was using a login credential that in fact grants him rights to sensitive data? Accounts vary, but in the blog What the Snowden affair taught us , … More Can we turn off Snowden’s access after the fact?
By E.K. Koh The blog What the Snowden affair taught us questioned, “Why should a system administrator be allowed to download and move files? Shouldn’t system privilege and data privilege be separate?” Ideally “yes”, but in practice, that has not been the case. Most system administrators have unfettered access to data given their system privilege. … More Would data level controls have stopped Snowden?