Home | Dynamic Security for Cloud | DAE as a Service

DAE

as a Service

Protect data and ensure need-to-know access anywhere & everywhere

Request a Trial

Secure Global Data Access and Enforce Need-to-Know & Data Privacy Policies in the Cloud

Applying Zero Trust principles to implement robust data access security across applications, Data Access Enforcer (DAE) ensures privacy and protection of data with real-time segregation and masking control. Powered by CloudAz, it controls access to data through fine-grained attribute-based policies that are dynamically enforced at runtime, regardless of how the data is being accessed. DAE also provides dynamic data-level security controls and fine-grained data access governance independent of services, applications, UI, and API, while supporting any Commercial-off-the-shelf (COTS) application with a single set of policies.

Explore Data Access Enforcer (DAE) Enterprise

Resources

DAE Brochure

Data Access Enforcer for SAP

Other Products

CloudAz as a Service

Unified policy management platform with Dynamic Authorization Policy Engine.

SkyDRM as a Service

Persistent protection of critical files and documents stored and shared anywhere.

Application Enforcer as a Service

Secure applications, externalize entitlement, protect data, and simplify access management.

Helping Enterprises Achieve

Enforce Data Privacy

Dynamically enforce data masking and filtering controls

Automate Compliance

Comply with industry regulations including GDPR, ITAR/EAR, & SOX

Improve
Agility

Improve Agility

Secure any data with a single policy

Reduce Security Costs

Reduce compliance mgmt. costs, with the elimination of custom code

Why Data Access Enforcer?

Data Access Enforcer (DAE) controls access to your sensitive information at the data access point, so no unauthorized access can occur, regardless of the approach.

  • Field-Level Data Masking: Data masking is the process of hiding original data with modified content to protect data that is sensitive. Data Access Enforcer (DAE) ensures that users can only view the fields on the record to which they have been granted access. For those not granted access, the value of the field will be masked.
  • Record-Level Data Filtering: DAE shields data from unauthorized users until access is granted. Authorization can be determined based on the industry, location, department, position, project assignment, or any other attribute of the user.
  • Transaction-Independent Data Manipulation Control: DAE uses attribute-based policies to control Create, Read, Update and Delete (CRUD) operations regardless of how or where the data is being accessed. Users can be given permission to view a set of data and other entities while being authorized to edit, create, or delete only a subset of these records.
  • Rapid Time to Value: DAE can be deployed and configured for your specific use cases in under 4 weeks, much quicker than alternatives. This is because policies are managed centrally, and no custom code is required.

Features

DAE provides unmatched flexibility and security in managing and enforcing data access controls.

Attribute-Based Security

Access to data based on policies that examine attributes of the data being accessed, the context of the request, and user identity. DAE dynamically applies the relevant policies, factoring in changes in the attributes of data or the user to always enforce fine-grained security controls to mask, protect, and segregate data. Rules are validated in real-time when a user attempts to access data, before granting permission to access.

Dynamic Field-level Data Masking

The need for data masking is more crucial than ever due to the various requirements mandating the protection of sensitive data, such as personally identifiable information (PII), customer data, financial data—the list goes on. Through a policy-driven approach, DAE ensure that users can only view the fields on records they have been granted access to and masks the information that they have not been authorized to view. Centrally managed policies define masking patterns and rules to determine who, what, when, where, and why to mask field(s) in real-time.

Seamless Support of the User Identity, Transaction, and Data Model of the Application

Business object and metadata can be combined with user attributes from existing attribute sources, including application user, directory services, federated identities, HR, and other third-party system of records. These attributes can be combined in the policy to grant permission to execute business transactions and modify transaction data in real-time.

Granular Record-level Data Filtering

DAE's comprehensive dynamic data filtering capability guarantees that users can only view records that they have been authorized to access. Authorization can be determined based on user attributes such as industry, location, department, position, project assignment, etc. and attributes of data accessed like the sensitivity level or the type of transaction. Policy can be written to make authorization decision by comparing user attributes against the attributes of data. For example, you can filter data in charts and reports to only allow authorized users to see the inventory and pricing data in US for the Consumer Electronics business unit.

Dynamic Runtime Policy Enforcement

Using contextual information (e.g., location, device, department), DAE can determine if a user is authorized to access data at runtime and virtually compartmentalizes the data with field-level security controls for added granularity. This approach of enforcing policy based on attributes also simplify role administration as attributes and conditions change.

Centralized Policy Management

Authorization policies can be centrally managed and reviewed across all an organization’s applications, substantially reducing administration costs.

OOTB Support of Custom Applications and API Calls

In addition to native support for 100s of applications OOTB, DAE supports batch programs, API calls, custom tables, and custom programs without code changes.

Transaction-Independent Data Manipulation Control

DAE uses policy to grant users permission to view certain records while being authorized to edit, create, and delete, only a subset of these records. Policy is enforced regardless of the business transaction used to access the data. For instance, a finance manager may be given permission to view detailed cost information on all oil pipeline projects in North America but only allowed to create and edit information for similar projects in Texas.

Centralized Audit and Monitoring

DAE tracks and stores user activities and data access across all applications in a central audit server, simplifying compliance management. Analytics for user behavior and access patterns are provided via dashboards, reports, and automated monitoring facilities.

NextLabs Resources

Data Sheets

Solution Papers

White Papers

Customer Stories

Glossary

Videos
  • Ensure privacy & protection of data with real-time filtering & masking controls
  • Why Data Access Enforcer?
  • Features
  • Other resources

Zero Trust Data Centric Security

NextLabs® patented dynamic authorization technology and industry leading attribute-based zero trust policy platform helps enterprises identify and protect sensitive data, monitor and control access to the data, and prevent regulatory violations – whether in the cloud or on premises

Grow with confidence

Become an Insider
Request Demo

Quick Links

About NextLabs

NextLabs Community

Contact Us