Data Access Security

Ensure privacy and protection of data with real time segregation and dynamic data masking

NextLabs Data Access Enforcer (DAE) allows companies to dynamically enforce policies independent of application, UI, API, Microservice, batch job, and application function; regardless of how the data is being accessed.

Enforce Data Privacy

Enforce dynamic data masking and segregation controls

Ensure and Streamline Compliance

Comply with industry regulations including GDPR, ITAR/EAR, and SOX

Improve Business Agility

Secure data anywhere with a single policy

Reduce Security and Compliance Management Costs

Eliminate the need for custom code

Why Data Access Enforcer?

Record-Level Dynamic Data Filtering

DAE segregates data dynamically based on policy by shielding data from unauthorized users until access is granted. Authorization can be determined based on the industry, location, department, position, project assignment, or any other attribute of the user.

Field-Level Dynamic Data Masking

Dynamic Data masking is the process of hiding original data with modified content to protect data that is sensitive dynamically based on attribute-based policy. Data Access Enforcer (DAE) ensures that users can only view the fields on the record to which they have been granted access. For those not granted access, the value of the field will be masked.

Database operation & Data Manipulation Control

DAE uses attribute-based policies to control Create, Read, Update and Delete (CRUD) operations regardless of how or where the data is being accessed. Users can be given permission to view a set of data and other entities while being authorized to edit, create, or delete only a subset of these records.

Rapid Time to Value

DAE can be deployed and configured for your specific use cases in under 4 weeks, much quicker than alternatives. This is because policies are managed centrally, and no custom code is required.

Resources:

Data Access Enforcer Products

DAE for SAP ERP

NextLabs Data Access Enforcer for SAP ERP (DAE for SAP) provides dynamic data-level security controls and fine-grained data access governance for SAP applications. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for SAP. DAE for SAP enforces data-level security controls – such as field-level dynamic data masking, record-level data filtering, and monitors data access activity directly from within the data access layer of the SAP S/4 HANA and SAP ECC.

DAE for SAP complements SAP Dynamic Authorization Management (SAP DAM), which operates at the application layers of the SAP S/4 HANA and SAP ECC. DAE is UI, API, microservice, batch job, report, Transaction, and Fiori app independent and will support any UI with a single set of policies within a single solution.

DAE for SAP prevents unauthorized access to sensitive SAP data through fine-grained data-level security controls, protecting data, and addressing compliance requirements at the same time. DAE for SAP enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for SAP HANA

NextLabs Data Access Enforcer for SAP HANA (DAE for SAP HANA) provides dynamic data-level security controls and fine-grained data access governance for SAP HANA, whether it is being accessed through an SAP application or directly. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for SAP HANA. DAE for SAP HANA enforces data-level security controls – such as field-level dynamic data masking and record level data segregation and monitors data access activity directly from within the data access layer.

DAE for SAP HANA prevents unauthorized access to sensitive data through fine-grained data-level security controls, protecting data and addressing compliance requirements at the same time. DAE for SAP HANA enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for SAP HANA leverages user and host attributes in making access decisions, simplifying the design and development of security features into your application.

DAE for Linux

NextLabs Data Access Enforcer for Linux (DAE for Linux) provides dynamic data-level security controls and fine-grained data access governance for Linux applications that use ODBC/JDBC. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for ODBC and JDBC applications on Linux. DAE for Linux enforces data-level security controls – such as field-level dynamic data masking and record level data segregation and monitors data access activity directly from within the data access layer.

DAE for Linux prevents unauthorized access to sensitive data through fine-grained data-level security controls, protecting data and addressing compliance requirements at the same time. DAE for Linux enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for Linux leverages user and host attributes in making access decisions, simplifying the design and development of security features into your application.

DAE for Windows

NextLabs Data Access Enforcer for Windows (DAE for Windows) provides dynamic data-level security controls and fine-grained data access governance for Windows Desktop and Server applications that access external databases such as Excel, SQL Developer, DBeaver, Tableau, Power BI, SQL Server Management Studio, and SQL*Plus. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for Windows applications. DAE for Windows enforces data-level security controls – such as field-level dynamic data masking and record level data segregation and monitors data access activity directly from within the data access layer.

As an inline integration with ODBC, .NET, and SQL*Net, DAE for Windows prevents unauthorized access to sensitive data through fine-grained data-level security controls, protecting data and addressing compliance requirements at the same time. DAE for Windows enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for Windows leverages user and host attributes in making access decisions, simplifying the design and development of security features into your application.

DAE for Oracle

NextLabs Data Access Enforcer for Oracle (DAE for Oracle) provides dynamic data-level security controls and fine-grained data access governance for Oracle by serving as a SQL*Net proxy, allowing all calls from an Oracle Client to an Oracle Database to be evaluated against DAE’s data access policies. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for Oracle. DAE for Oracle enforces data-level security controls – such as field-level dynamic data masking and record level data segregation and monitors data access activity directly from within the data access layer where SQL*Net operates.

DAE for Oracle prevents unauthorized access to sensitive data through fine-grained data-level security controls, protecting data and addressing compliance requirements at the same time. DAE for Oracle enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for Oracle leverages user and host attributes in making access decisions, simplifying the design and development of security features into your application.

DAE for Microsoft and Azure SQL

NextLabs Data Access Enforcer for Microsoft and Azure SQL (DAE for Microsoft and Azure SQL) provides dynamic data-level security controls and fine-grained data access governance for both Microsoft SQL and Azure SQL. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for both Microsoft SQL and Azure SQL. DAE for Microsoft and Azure SQL enforces data-level security controls – such as field-level dynamic data masking and record level data segregation and monitors data access activity directly from within the data access layer.

DAE for Microsoft and Azure SQL prevents unauthorized access to sensitive data through fine-grained data-level security controls, protecting data and addressing compliance requirements at the same time. DAE for Microsoft and Azure SQL enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for Microsoft and Azure SQL leverages user and host attributes in making access decisions, simplifying the design and development of security features into your application.

DAE for BigQuery

NextLabs Data Access Enforcer for BigQuery (DAE for BigQuery) provides dynamic data-level security controls and fine-grained data access governance for BigQuery. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture for BigQuery. DAE for BigQuery enforces data-level security controls – such as field-level dynamic data masking and record level data segregation and monitors data access activity directly from within the data access layer.

DAE for BigQuery prevents unauthorized access to sensitive data through fine-grained data-level security controls, protecting data and addressing compliance requirements at the same time. DAE for BigQuery enables employees and external partners to share critical information and collaborate in business processes to improve workforce productivity and business agility.

DAE for BigQuery leverages user and host attributes in making access decisions, simplifying the design and development of security features into your application.

DAE and Dynamic Data Masking

Dynamic Data Dasking refers to masking of data where the decision on whether to mask the data in question is determined at the time of the data access request and is based on attribute values of the user requesting access, the data itself, and the environment or context in which the request is being made. Other terms that are often used to refer to data masking include anonymization, obfuscation, and tokenization, although these terms are sometimes defined slightly differently depending on context.

Related Links:

Data Access Enforcer (DAE)

FEATURES
Dynamic Data Filtering controls
  • Segregates and shields data from unauthorized users until access is granted. Authorization can be determined based on policies that examine attributes of the data being accessed, the context of the request, and user identity.
  • Control what users can do with filtered rows in database tables
  • Filter the database rows by operation (e.g., Select, Update, Delete) such that users cannot select, update, or delete rows that have been filtered
Database operation and data manipulation controls
  • Control what database operations user is authorized to perform
  • Uses attribute-based policies to control Create, Read, Update and Delete (CRUD) operations
  • Block by operation (e.g., Insert, Execute) such that users cannot insert a base table or call a stored procedure
Dynamic Data Masking Controls
  • Ensures that users can only view the fields on the record to which they have been granted access. For those not granted access, the value of the fields will be masked
  • Block user to update the masked fields
Support for multiple database APIs Access via OBDC, JDBC, or REST APIs
Support for multiple data sources Ability to enforce policies with user attributes that can come from Active Directory or the database itself
Centralized auditing and reporting  Auditing and reporting in Control Center on all the database request and actions  performed

 

BENEFITS
Protect data and simplified access control Ensure privacy and protect data with dynamic data segregation and masking controls

Externalize authorization management to simplify and reduce the time spent on administering access control policies
Enhanced business agility React more rapidly to changes in business requirements, market conditions, or regulatory environment since policy changes can be made without requiring code changes or application downtime
Higher ROI by leveraging existing IT investments Lower your total cost of ownership as you can leverage your existing investment in the NextLabs platform
Reduced compliance costs Reduce the cost of compliance through more efficient and cost-effective monitoring and audit of your data