Home | Dynamic Security for Cloud | DAE as a Service
DAE
as a Service
Protect data and ensure need-to-know access anywhere & everywhere
Home | Dynamic Security for Cloud | DAE as a Service
Protect data and ensure need-to-know access anywhere & everywhere
NextLabs Data Access Enforcer (DAE) for SAP allows companies to dynamically enforce policies independent of UI, API, Microservice, Batch job, Report, Transaction, and Fiori app, regardless of how the data are being accessed.
Unified policy management platform with Dynamic Authorization Policy Engine.
Persistent protection of critical files and documents stored and shared anywhere.
Secure applications, externalize entitlement, protect data, and simplify access management.
Dynamically enforce data masking and filtering controls
Comply with industry regulations including GDPR, ITAR/EAR, & SOX
Secure any SAP ERP data with a single policy
Reduce compliance mgmt. costs, with the elimination of custom code
Data Access Enforcer (DAE) controls access to your sensitive information at the data access point, so no unauthorized access can occur, regardless of the approach.
DAE provides unmatched flexibility and security in defining and enforcing data access controls
Access to data based on policies that examine attributes of the data being accessed, the context of the request, and user identity. DAE for SAP dynamically applies the relevant policies, factoring in changes in the attributes of data or the user to always enforce fine-grained security controls to mask, protect, and segregate data. Rules are validated in real-time when a user attempts to access data, before granting permission to access.
The need for data masking is more crucial than ever due to the various requirements mandating the protection of sensitive data, such as personally identifiable information (PII), customer data, financial data—the list goes on. Through a policy-driven approach, DAE for SAP ensure that users can only view the fields on records they have been granted access to and masks the information that they have not been authorized to view. Centrally managed policies define masking patterns and rules to determine who, what, when, where, and why to mask field(s) in real-time.
SAP Business Object attributes and metadata can be combined with user attributes from existing sources, including SAP Central User Administration, Identity Management, Human Capital Management, and other third- party identity management providers, directory servers, or federated identities. These attributes are dynamically accessed at runtime to allow access to the data.
DAE for SAP’s comprehensive dynamic data filtering capability guarantees that users can only view records that they have been authorized to access. Authorization can be determined based on user attributes such as industry, location, department, position, project assignment, etc. and attributes of data accessed like the sensitivity level or the type of transaction. Policy can be written to make authorization decision by comparing user attributes against the attributes of data. For example, you can filter data in charts and reports to only allow authorized users to see the inventory and pricing data in US for the Consumer Electronics business unit.
Using contextual information (e.g., location, device, department), DAE for SAP can determine if a user is authorized to access data at runtime and virtually compartmentalizes the data with field-level security controls for added granularity. This approach of enforcing policy based on attributes also simplify role administration as attributes and conditions change.
Authorization policies can be centrally managed and reviewed across all an organization’s SAP applications, substantially reducing administration costs.
In addition to native support of several SAP applications, DAE for SAP supports batch programs, reports, and custom applications (aka “Z Programs”) without code modifications.
DAE for SAP uses policy to grant users permission to view certain records while being authorized to edit, create, and delete, only a subset of these records. Policy is enforced regardless of the business transaction used to access the data. For instance, a finance manager may be given permission to view detailed cost information on all oil pipeline projects in North America but only allowed to create and edit information for similar projects in Texas.
DAE for SAP tracks and stores user activities and data access across all SAP applications in a central audit server, simplifying compliance management. Analytics for user behavior and access patterns are provided via dashboards, reports, and automated monitoring facilities.
Zero Trust Data Centric Security
NextLabs® patented dynamic authorization technology and industry leading attribute-based zero trust policy platform helps enterprises identify and protect sensitive data, monitor and control access to the data, and prevent regulatory violations – whether in the cloud or on premises