NextLabs Partners with NIST to Address Access Rights Management for the Financial Services Sector
San Mateo — August 30, 2017 — NextLabs, a leading provider of data-centric security software to protect business critical data and applications, is working with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) to develop a framework for implementing and administering Access Rights Management (ARM) in the financial services sector. The NCCoE effort brings together experts from academia, the financial services sector, and cybersecurity vendors to produce a practice guide — a practical, user-friendly document that facilitates the adoption of standards-based approaches to cybersecurity.
“Collaborating with stakeholders such as members of industry, technology providers, and integrators to produce viable cybersecurity solutions is key to the NCCoE’s success,” Harry Perper, NCCoE Chief Engineer at NIST. “The Access Rights Management practice guide is another successful example of how these stakeholders engage with NCCoE to produce solutions to real world problems that can be adopted to reduce the level of risk for owners and operators in the financial services sector.”
The NCCoE aims to addresses challenges stemming from some of the identity and access systems employed by the financial services sector. Because these systems can be fragmented, incompatible, and operate in isolation from one another, securing them from attackers or insider threats is difficult. These complexities also impede the secure adoption of new technologies such as mobile and cloud computing. To address these challenges, the financial services sector needs the ability to centrally issue, validate, and modify or revoke access rights for an entire enterprise based on easy-to-understand business rules. The goal of this project is to demonstrate ways to link the management of existing disparate identity and access mechanisms and systems into a comprehensive ARM solution.
The guide is available for download on the NCCoE website: https://nccoe.nist.gov/projects/use-cases/financial-services-sector
NextLabs became a National Cybersecurity Excellence Partner in 2015, and has contributed its software products and expertise in designing access rights management solutions including fine-grained access control to meet modern data security, privacy, and compliance requirements.
“We are committed to our growing partnership with NIST to develop guides for many industries and technologies — including our contribution of methodologies outlined in the Attribute Based Access Controls (ABAC) Guide and Access Rights Management (ARM) Practice Guide,” said Keng Lim, CEO of NextLabs. “Our goal is to simplify information security, and to allow users to focus on innovation and what they do best.”
About NextLabs
NextLabs, Inc. provides data-centric security software to protect business critical data and applications. Our patented dynamic authorization technology and industry leading attribute-based policy platform helps enterprises identify and protect sensitive data, monitor and control access to the data, and prevent regulatory violations – whether in the cloud or on premises. The software automates enforcement of security controls and compliance policies to enable secure information sharing across the extended enterprise. NextLabs has some of the largest global enterprises as customers and has strategic relationships with industry leaders such as SAP, Siemens, Microsoft, and IBM. For more information on NextLabs, please visit http://ec2-34-238-18-140.compute-1.amazonaws.com.