By Ashwin Bhaskar, Senior Software Engineer at NextLabs Today’s ERP systems demand tight security controls at multiple levels of the application design. Most ERP systems, including SAP, are transactional in nature. Our customers have frequently asked us about extending security controls beyond transactions at a field level. For example, take a digital product catalog … More SAP Field Level Security – what are my options?
By Sudhindra Kumar, Principal Software Engineer at NextLabs In my previous blog, we discussed about Data Governance Policies and Regulatory Compliance. In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. … More Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud
By E.K. Koh In my last blog, Would data-level controls have stopped Snowden, I highlighted the importance to separate system rights from data rights. But what if Snowden was using a login credential that in fact grants him rights to sensitive data? Accounts vary, but in the blog What the Snowden affair taught us , … More Can we turn off Snowden’s access after the fact?
By Sandeep Chopra. “Attributes” is the new Role? In the last Gartner Identity and Access Summit in Nov 2013, Gregg Kreizmann, Research VP in Gartner, made a prediction that by 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from <5% today. In Oct … More Attributes is the new role?
By Mandy Pang. I just got back from MS Tech Ed in New Orleans. The hot topic was obvious: Microsoft’s new cloud platform, Windows Azure. I attended multiple sessions (such as this one), and a central message was how easy Azure makes it for IT organizations to move their resources and applications to the cloud. … More A Report From MS TechED 2013: Are We Moving Our Authorization Overhead to the Cloud?