Is this the Right time for Rights Management?

By E.K. Koh, VP of Solutions at NextLabs It depends on whether you believe the analysts. In the report “Information Security Predictions and Recommendations 2014”, Kuppinger Cole recommends that enterprises “Focus on strategic elements such as Information Rights Management for documents and Enterprise Key and Certificate Management (EKCM) for managing the secrets.” And, at the … More Is this the Right time for Rights Management?

Protecting Against Data Breach – what offers the best bang for your buck?

By E.K. Koh, VP of Solutions at NextLabs   There has been a lot of talk about how data breach is exponentially increasing. In a recent NIST cyber security framework, there is an entire segment on “Protecting” Data. To be effective against cyber-breach, we all agree that implementing all elements of the NIST framework is … More Protecting Against Data Breach – what offers the best bang for your buck?

DFARS: Where is my Unclassified Controlled Technical Data?

By Dennis Andrie, Director of Professional Services and Support at NextLabs In our last blogpost on the Defense Acquisition Regulations System (DFARS) Subpart 204.73 and associated contract clause 252.204-7012, Safeguarding of Unclassified Controlled Technical Information, we discussed actions that companies must act upon to protect Unclassified Controlled Technical Information when they contract or subcontract with the U.S. Government … More DFARS: Where is my Unclassified Controlled Technical Data?

SharePoint 2014 Key Security Takeaways – Our Top 5

By Mandy Pang, Senior Product Manager SharePoint 2014 Key Security Takeaways – Our Top 5 The conference attendees were buzzed on Attributes.  Specifically, attribute-based security models for SharePoint.  Role-based models are no longer making the cut – they leave collaboration vulnerable.  Attribute-based solutions have fine-grained control. Clouds, of course was big, even bigger was the … More SharePoint 2014 Key Security Takeaways – Our Top 5

Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud

By Sudhindra Kumar, Principal Software Engineer at NextLabs In my previous blog, we discussed about Data Governance Policies and Regulatory Compliance. In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. … More Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud

Can we turn off Snowden’s access after the fact?

By E.K. Koh In my last blog, Would data-level controls have stopped Snowden, I highlighted the importance to separate system rights from data rights. But what if Snowden was using a login credential that in fact grants him rights to sensitive data? Accounts vary, but in the blog What the Snowden affair taught us , … More Can we turn off Snowden’s access after the fact?

Managing Export Compliance with Trade Management IT Systems

By Soujanya Madhurapantula. Let’s start with what a trade management system is, what it does, and what are some of its shortcomings. What is a Trade Management System Export control can get pretty messy, especially when you consider how a typical company will be operating according to the rules of multiple jurisdictions at any given … More Managing Export Compliance with Trade Management IT Systems