By E.K. Koh, VP of Solutions at NextLabs It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is … More 4 Ways IT must Change to Protect your Business
By E.K. Koh, VP of Solutions at NextLabs It depends on whether you believe the analysts. In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the … More Is this the Right time for Rights Management?
By Sudhindra Kumar, Principal Software Engineer at NextLabs In this blog series, we’ve discussed some of the key challenges impeding adoption of the cloud. In this instalment, we’ll talk about Data Retention and Disposal in the cloud. A lot of attention is paid to cloud data protection, regulatory compliance for cloud data, and how to … More Data Retention and Disposal in the cloud
By E.K. Koh, VP of Solutions at NextLabs | The direct financial costs include future loss of revenue when trade secrets are stolen today. According to the Battelle Foundation report “2013 Global R&D Funding Forecast”, the financial costs of intellectual property theft – internal and external – are compounded over time. When trade secrets are stolen, … More What are the Financial Costs of Data Loss?
By Ashwin Bhaskar, Senior Software Engineer at NextLabs In the first part of the blog Series, we discussed the importance of ABAC (Attributes Based Access Control) as a way to augment traditional RBAC (Role Based Access Controls) for field level security. Let us now analyze how we can go about implementing field level security … More SAP Field Level Security – Augmenting Roles with Attributes
By EK Koh | Recently Forrester published a report titled “Twelve Recommendations for your Security Program in 2014”. There are many good recommendations. One of them is: “Define your Data and give it an Identity to better protect it”. This is timely. In a recent Ponemon Cost of Data Breach Study, the cost of a … More Give your Data an Identity?
By Dennis Andrie, On November 18, 2013, The Defense Acquisition Regulatory Council (DARC) issued its final ruling for Defense Acquisition Regulations System (DFARS) Subpart 204.73 and associated contract clause 252.204-7012, Safeguarding of Unclassified Controlled Technical Information.The new subpart presents a high level guide to actions that need to be undertaken by companies that contract or … More DFARS Subpart 204.73 – SAFEGUARDING UNCLASSIFIED CONTROLLED TECHNICAL INFORMATION
By Sudhindra Kumar, Principal Software Engineer at NextLabs In my previous blog, we discussed about Data Governance Policies and Regulatory Compliance. In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. … More Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud
By E.K. Koh In my last blog, Would data-level controls have stopped Snowden, I highlighted the importance to separate system rights from data rights. But what if Snowden was using a login credential that in fact grants him rights to sensitive data? Accounts vary, but in the blog What the Snowden affair taught us , … More Can we turn off Snowden’s access after the fact?
By Sandeep Chopra. “Attributes” is the new Role? In the last Gartner Identity and Access Summit in Nov 2013, Gregg Kreizmann, Research VP in Gartner, made a prediction that by 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from <5% today. In Oct … More Attributes is the new role?
nextlabs.wordpress.com 