NextLabs® enhances its Zero Trust Data-Centric Security Software Suite for SAP

Adding major data encryption enhancements including FPE and DRM, advanced policy engine capabilities, and containerized architecture for hybrid-cloud deployments.

San Mateo, Calif. – December 13, 2022 NextLabs today announced major enhancements to its Data-Centric Security Suite for SAP, expanding its series of zero trust offerings that address the critical security needs of SAP enterprises. Powered by a unified policy platform, the Data-Centric Security Suite for SAP automates the use of least privilege access to secure SAP applications and protect data across hybrid cloud enterprises.

Built on the CloudAz zero trust policy platform, the Data-Centric Security Suite for SAP is a solution that integrates the functionalities of data access security, externalized authorization management, data loss prevention, and enterprise digital rights management into one comprehensive suite. The software suite applies policy-based enforcement to prevent data breaches and safeguard data in real time, with its dynamic authorization and attribute-based access control technology.

The core elements of Data-Centric Security Suite for SAP consist of:

  • Data Access Enforcer (DAE) for SAP. DAE for SAP enforces need-to-know policies and prevents wrongful disclosure of sensitive data across the SAP user base by segregating and obfuscating data both at rest and in use; ensuring only authorized users are able to access and view the protected data.
  • Dynamic Authorization Management (DAM) for SAP. DAM for SAP provides externalized authorization and data security control for SAP applications.
  • Data Loss Prevention (DLP) for SAP. DLP for SAP enables enterprises to prevent data loss or leakage from critical SAP applications.
  • Enterprise Digital Rights Management (EDRM) for SAP. EDRM for SAP ensures persistent protection of sensitive files and documents, by securing data on the move and at rest.

“We were able to implement the Data-Centric Security Suite for SAP in our organization within a 4-month project,” stated Marcelo Rosenthal, at Petrobras. “Deloitte and NextLabs did a very good job working together as their team members were responsive and knowledgeable, preventing business disruptions while achieving all of our goals.”

The latest additions to the Data-Centric Security Suite for SAP extend NextLabs’ focus on enforcing data protection, need-to-know and least privilege access policies for SAP applications and data. DAE for SAP now has added support for Format-Preserving Encryption (FPE) to obfuscate sensitive data both at rest and in use. The update builds upon DAE for SAP’s core functionalities of data segregation and filtering, allowing data to be masked at the application level and encrypted at rest so that any unauthorized direct database access is protected. EDRM for SAP’s added support for Dynamic Attribute Provider allows attributes to be retrieved dynamically for real time policy evaluation, enabling enforcement of fine-grained access control policies with real-time attributes to persistently protect important files. Updates also include new functionalities added to the CloudAz policy platform, most notably support for containerized architecture and cloud-native enhancement, allowing enterprises to deploy the software suite across hybrid and multi-cloud environments.

“Companies look for easy-to-use solutions that can be rapidly deployed to dynamically protect SAP data,” stated Mauro Honda, Partner at Deloitte Cyber. “NextLabs’ Zero Trust Data-Centric Security Suite and its out-of-the-box integrations with SAP and all major databases, allows enterprises to implement an effective cybersecurity framework, while automating access management and data security controls swiftly.”

Additional enhancements to the Data-Centric Security Suite for SAP include:

  • DAE for SAP. Extended support to SAP Business Warehouse (BW) & BW/4HANA.
  • DAM for SAP. Extended support for BW/4HANA and Out-of-the-box (OOTB) support for SAP EWM (Extended Warehouse Management); OOTB acceleration pack to secure Dynamic Transaction Interception (DTI) transactions; support for SAP Switch Framework.
  • DLP for SAP. Extended data leakage prevention capability to cover all exit points of the SAP ERP application; automatically tag files containing data extracted from the SAP ERP application with user, persona, transaction, classification, and business object attributes.
  • EDRM for SAP. Extended support to SAP ECTR, ensuring secure collaboration of engineering data.

Enterprises that run on SAP frequently face obstacles in ERP consolidation and IT modernization, struggling to keep up with ever-evolving global security and compliance requirements in the process. By automating consistent controls across the enterprise ecosystem, the Data-Centric Security Suite for SAP accelerates digital transformation initiatives, simplifying ERP management and automating compliance management.

Benefits of the Data-Centric Security Suite for SAP include:

  • Centrally manage and enforce least privilege access consistently inside and outside of SAP applications.
  • Prevent data leakage and violations by automating security procedures to assume breach and safeguard critical data.
  • Ensure compliance with regulations such as GDPR, ITAR, SOX, EH&S, and other corporate governance mandates.
  • Improve audit results and compliance reporting with centralized logging and reporting of all data access and authorization decisions.
  • Modernize and reduce the cost of access management with zero trust and policy-based access control.

“NextLabs continues to push the zero trust envelope by addressing new challenges and advancing new innovations in data-centric security,” stated Keng Lim, CEO and Founder of NextLabs. “The expertise we have built over the last 10 years is evident in our partnership with NIST National Cybersecurity Center of Excellence (NIST NCCoE) and in the 80+ patents we have — we stand committed to be the leader in zero trust data security to prevent unauthorized access and safeguard information sharing across the enterprise and in the cloud.”

###