Companies are embracing Zero Trust
Featured Customer
Petrobras
How to Improve the Security of Personal & Confidential Data Using Attribute-Based Access Control (ABAC)
A case study of NextLabs Zero-Trust Data-Centric Security software being applied to Petrobras
What Petrobras Achieved
01
Expert Trainers
Improved security & streamlined compliance to LGPD and SOX regulations
02
Unlimited Access
100% completion of scope within an aggressive timeline
03
24/7 Online Support
Quickly adapt to new business requirements, simplify change & escalation management
About the project
Ensuring access to business-critical data on a need-to-know basis is a crucial aspect for companies to ensure their information is protected from data loss. For Petrobras, their need to improve the security of their confidential data and personal data was overcome through NextLabs’ solutions which used attribute-based access control (ABAC) and dynamic authorization technology. This dynamic approach not only addressed Petrobras’ need to remain in compliance and maintain agility with the advancement of new regulations for the protection of personal data and business-critical data; the approach also helped automate role provisioning, strengthen SAP security profiles, as well as improving data management and access control.
Looking to the future
Petrobras’ zero trust road map for the future
Featured Customer
Solvay
Improve Access Mgmt. and Protection of Export-Controlled and EH&S Data
“NextLabs did a great job working with us to implement the Zero Trust Data Security suite for SAP,” stated Jean Vernade, Platform Architect at Solvay Digital Technology. “NextLabs’ team was very responsive and knowledgeable – addressing our needs and accommodating new requirements implementing DAM and DAE for SAP to control access and segregate data logically for compliance with export control and EH&S regulations.”
About the project
Ensuring compliance with EH&S and export regulation is critical for global expansion and avoiding costly penalties, reputational damage, and maintaining the integrity of international trade. For Solvay, it is crucial to comply with several export control regulations that are either military (ITAR, EAR…) or dual use (EU, UK, Canada…). Furthermore, Solvay must comply with Environmental, Health, and Safety (EH&S) regulations and minimize the impact of their operations on the environment. Like many companies, Solvay’s ability to manage and control access at the data access level was limited due to static roles (PFCG roles in SAP), which are complex and difficult to maintain. As such, Solvay’s need to secure export-controlled data stored in SAP application was overcome through NextLabs’ zero trust data security suite, which provides dynamic data-level security controls and fine-grained data access governance. This dynamic approach not only addressed Solvay’s need to remain in compliance with export regulations and EH&S; the approach also helped automate role provisioning, increase the level of security, as well as improve data and access rights management in SAP applications.
Compiance
Improve data security & streamline compliance with export controls and EH&S regulations
Right Technology
Simplify security processes and reduce cost while scaling operations with zero trust security model
Automation
Automate and prevent unauthorized access and data leakage, while reduce complexity of role management
Outcomes
Enabled by NextLabs Expert Services, Solvay Digital Technology team was able to effectively implement NextLabs DAM and DAE for SAP to streamline compliance and strengthen cybersecurity. Multiple SAP ECC servers were installed with the NextLabs enforcers for SAP, which interacts with NextLabs Policy Engine via Amazon Application load-balancer. Policy admins can access the Control Center Server (PAP) to author policies via the Policy Studio GUI. In doing so, Solvay can simplify access management and protect data across SAP applications, while automating role provisioning and streamlining audits.
Other Featured Customers
GE Aviation
Improve access management and protection of export-controlled & EH&S data
Fiserv
Safeguard financial and customer data with dynamic data anonymization & segregation
New York MTA
Using Digital Rights Management to ensure persistent file protection across the extended enterprise