4 Ways IT must Change to Protect your Business

By E.K. Koh, VP of Solutions at NextLabs It’s not your perimeter. It’s not your applications. In an age where there is no perimeter, where data moves from application to application, from servers to desktops to tablets and smart phones that the company does not even own, managing security at the perimeter or application is … More 4 Ways IT must Change to Protect your Business

Protecting Against Data Breach – what offers the best bang for your buck?

By E.K. Koh, VP of Solutions at NextLabs   There has been a lot of talk about how data breach is exponentially increasing. In a recent NIST cyber security framework, there is an entire segment on “Protecting” Data. To be effective against cyber-breach, we all agree that implementing all elements of the NIST framework is … More Protecting Against Data Breach – what offers the best bang for your buck?

SAP Field Level Security – Augmenting Roles with Attributes

By Ashwin Bhaskar, Senior Software Engineer at NextLabs   In the first part of the blog Series, we discussed the importance of ABAC (Attributes Based Access Control) as a way to augment traditional RBAC (Role Based Access Controls) for field level security. Let us now analyze how we can go about implementing field level security … More SAP Field Level Security – Augmenting Roles with Attributes

SAP Field Level Security – what are my options?

By Ashwin Bhaskar, Senior Software Engineer at NextLabs   Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions at a field level. For example, take a digital product catalog … More SAP Field Level Security – what are my options?

Is Role-Based Access Control Sufficient?

By Soujanya Madhurapantula. In SAP’s role-based security architecture, Users and Authorization objects are used to create profiles, such as “buyer” or “payer”, and these are used to define functional roles. As a counter measure for potential fraud, the GRC Access Control Segregation of Duties can dictate that a user should not have, for example, both … More Is Role-Based Access Control Sufficient?