HomeResources | White Papers

White Papers

Featured White Paper

Implementing a Zero Trust Architecture: NIST NCCoE

The NCCoE produced a document on Implementing Zero Trust Architecture, demonstrating proposed architecture(s) for on-premises and cloud environments that inherit ZTA solution characteristics outlined in NIST SP 800-207. The paper also discusses the impacts on the enterprise, administrator, and end-user when a ZTA strategy is employed.

In this resource, NextLabs reviews some of the key information of the NCCoE project in a summarized and easy-to-digest format.

All White Papers

 
...
Prevent Data Loss Across the ERP Landscape

This white paper has comprehensively addressed the pressing need for robust data loss prevention strategies within ERP systems, which are integral to the...

Learn More
 
...
Implementing Preventative Segregation of Duties with NextLabs

Segregation of duties (SoD), also called separation of duties, is a fundamental aspect to sustainable internal controls and risk management. The purpose of SoD...

Learn More
 
...
Using NextLabs to Implement the Department of Defense (DoD) Zero Trust Reference Architecture

The DoD Zero-Trust Reference Architecture Version 2.0 establishes a framework which provides guidance through architectural Pillars and Principles for...

Learn More
 
...
Understanding the NIST Cybersecurity Framework 2.0

The NIST CSF 2.0 is a set of guidelines, best practices, and standards to help organizations manage and improve their cybersecurity posture. It provides a...

Learn More
 
...
NextLabs Approach to CISA’s Zero Trust Maturity Model (ZTMM)

CISA’s Zero Trust Maturity Model (ZTMM), first released in August of 2021, provides an approach to achieve continued modernization efforts related to zero...

Learn More
 
...
Implementation of Zero Trust Architecture

This whitepaper summarizes several of the models and reference architectures published by different government organizations, including the Cybersecurity and...

Learn More
 
...
NIST 800-207 Zero Trust Architecture

In this technical white paper, the importance of implementing Zero Trust Architecture is discussed. The growth in cloud computing, Internet of Things (IoT),...

Learn More
 
...
Nextlabs and Access Controls of NIST SP 800-53

NIST SP 800-53 Revision 5 details a framework to protect an organization and its assets from a range of threats, including cyberattacks, insider threats,...

Learn More
 
...
NextLabs’ Solution for the Cybersecurity Maturity Model Certification (CMMC) Program

The Cybersecurity Maturity Model Certification (CMMC) is a framework developed by the U.S. Department of Defense (DoD) to enhance the cybersecurity posture of...

Learn More
 
...
Zero Trust Policy Engine: An In-Depth Analysis

Today’s organizations face the task of securing a digital core beyond traditional network boundaries, while also ensuring that data can seamlessly traverse...

Learn More
 
...
The Next Frontier of SASE

In this white paper, the next frontier of SASE is discussed, along with the importance of securing access to protect data and applications in addition to...

Learn More
 
...
Managing Role and Group Explosion with Dynamic Authorization

In this technical white paper, current business drivers and how they are contributing to the challenge of role and group explosion are discussed.  The...

Learn More
 
...
Dynamic Data Protection Using Attribute-Based Access Control (ABAC)

In this technical white paper, the importance of dynamic data protection in relation to Attribute-Based Access Control (ABAC) is discussed. With ABAC, companies...

Learn More
 
...
Implementing a ZTA-NIST NCCoE Overview

NCCoE produced a document on Implementing Zero Trust Architecture, demonstrating proposed architecture(s) for on-premises and cloud environments that inherit...

Learn More
 
...
A New Approach to Enterprise Digital Rights Management (EDRM)

To fully extract the benefits of EDRM, a simpler, more manageable, user friendlier and more enterprise ready approach is needed. This paper looks at a new...

Learn More
 
...
What Will Data-Centric Security Look Like Over the Next 5 Years

According to NIST Cybersecurity, confirming data-centric security is an important challenge to address over the next five years with the increased...

Learn More
 
...
The Biggest Gap in Your Cyber Security Solution

Everyone agrees threats to cyber security are on the rise. But how well do organizations understand which threats they should worry the most about? This white...

Learn More
 
...
Secure Global Collaboration with Information Labeling and Handling (ILH)

Today, large engineering and manufacturing projects are performed across borders, with all the accompanying laws and regulations that govern the export and...

Learn More
 
...
Secure Deployment of Microsoft SharePoint Extranet for Enterprises

Enterprises use extranets for external collaboration with partners, suppliers, customers, clients, joint-ventures and remote employees. This paper addresses...

Learn More
 
...
Secure Collaboration for Product Lifecycle Management (PLM)

Organizations find themselves grappling with the increasing complexity of multiple, overlapping dimensions of information risk that expand beyond the subject...

Learn More
 
...
Safeguarding Data in Joint Ventures, Mergers & Acquisitions, Divestitures, and Sanctions

According to IBM, more than one in three executives surveyed said they have experienced data breaches that can be attributed to merger and acquisition activity...

Learn More
 
...
Managing Information Risk for Microsoft SharePoint

The explosive nature of SharePoint can catch data owners and information managers off guard, especially when it comes to ensuring that sensitive information is...

Learn More
 
...
Intellectual Property Protection

As products become more complex companies find themselves in increasingly distributed and collaborative supply chains. This paper describes some of the key...

Learn More
 
...
Implementing Data Security Using Attribute Based Access Control (ABAC)

Attribute Based Access Control (ABAC) has proven to be the best approach to data-centric security to keep pace with the demands of today’s extended...

Learn More
 
...
Enterprise Governance, Risk, and Compliance (eGRC) Solution for Information Export Control

Many Aerospace and Defense, High Tech and Industrial companies use SAP GRC Global Trade Services (GTS) to manage compliance with ITAR and EAR for export...

Learn More
 
...
Evolution of Role Based Access Control (RBAC) to Attribute Based Access Control (ABAC)

When an organization expands, Role Based Access Control (RBAC) reveals its limitations. This paper discusses the limitations and future of RBAC, and how...

Learn More
 
...
Ensure Successful Attribute Based Access Control (ABAC) Implementation

Attribute-based access control (“ABAC” for short) has reached the point of mass adoption with respect to access control technologies. This paper discusses...

Learn More
 
...
Electronic Export Compliance

Satisfying ITAR and EAR regulations is a major challenge for Aerospace & Defense (A&D) firms. This paper discusses how the NextLabs and SAP solution helps A&D...

Learn More
 
...
Designing Electronic Barriers Around Digital Assets

As businesses eagerly position themselves to take advantage of these opportunities, they discover new forms of information risk. This white paper explores a...

Learn More
 
...
Data-centric Security for the Extended Enterprise

Yesterday’s security is no match for the challenge of protecting data across the extended enterprise, with sensitive data increasingly shared across...

Learn More
 
...
Automation Information Handling

With increased mobile users and data, portable devices, partners, and remote workforces, risks are growing over sensitive business information. This paper...

Learn More
 
...
Attribute Based Access Control (ABAC) for SAP

Data security has become one of the most significant challenges in global businesses. This paper will discuss the features and roles of functional and data...

Learn More
 
...
Applying Zero Trust Principles to NIST 800-53

With the proliferation of cloud services, mobile technologies, and increasingly globalized workforces, trying to contain and validate access to data within an...

Learn More
 
...
Addressing Gaps in Your Cyber Security

Most cyber security solutions protect infrastructure, assuming that data stored within containers will be protected. This paper explains why this assumption is...

Learn More