KuppingerCole Report

EXECUTIVE VIEW

by Martin Kuppinger, October 2015

Comprehensive Rights Management solution including information classification, based on a well thought-out policy management model supporting XACML as a standard, with outstanding support for PLM environments and engineering data.

mk@kuppingercole.com

Content

1 Introduction
2 Product Description
3 Strengths and Challenges
4 Copyright

Related Research

Leadership Compass: Secure Information Sharing - 72014
Executive View: NextLabs Control Center - 70847
Advisory Note: From Data Leakage Prevention (DLP) to Information Stewardship - 70587
1 Introduction

Business professionals are often faced with an overwhelming amount of information, both structured and unstructured, and making efficient use of this data is becoming increasingly difficult. Determining the balance between security and business efficiency in the adoption of new technology can be daunting. There is an increasing need to share data, not just within the organisation but with business partners as well as customers. In the digital business this increased communication has significant benefits to each line of business, improving efficiency and reducing costs. At the same time, there are increasingly scary revelations of data breaches and loss of intellectual property. So, in order to support business processes, it is important to be able to provide access to sensitive data, but it is also important that cyber security requirements are adequately observed.

In approaching the selection of a vendor for the provision of a secure information sharing solution, it is important to take an information lifecycle approach whereby the processes around data generation, its transformation and classification, as well as data storage and data destruction, are well defined. This requires policy to be established to advise on the proper location of records, the ownership and the value of data, as well as for retention periods to be determined and documented. The focus needs to be on deriving value from data assets, which means ensuring data quality, improving the communication of data, and deleting data when it's no longer required.

Secure Information Sharing approaches rely on a number of elements. Aside from encrypting documents and other types of files, this involves setting, managing, and enforcing access policies, but also requires classification of the data. The latter is an essential element of secure information sharing, allowing application of policies based on metadata of classified information.
Over the past few years, secure information sharing has matured significantly and is now ready for use on a large scale. From the KuppingerCole perspective, setting up secure information sharing infrastructures is essential for any type of organization as a means to better protect valuable information in this age of ever-increasing cyber-attacks.

NextLabs is a US-based vendor with headquarters in San Mateo, CA, and a strong footprint as well in the APAC (Asia/Pacific) region. The company focuses on what they call Information Risk Management, i.e. practical solutions allowing better protection of critical information. The company's core capabilities are in the area of Entitlement Management and Digital Rights Management, i.e. managing entitlements and access and usage rights to information. Based on their ability in that area, NextLabs is following an industry solution approach and building an end-to-end product suite that covers the entire information lifecycle.

Based on their NextLabs Control Center Platform, they are offering various types of information control enforcement products including:

- Entitlement Management
- Enterprise Digital Rights Management
- Document Control and Data Protection
These solutions focus on securing information during the full lifecycle: at the source, in use, and when sharing. This approach is supported by an Information Risk Management methodology and pre-defined content for industry secure collaboration and specific compliance requirements.

As a go-to-market strategy, NextLabs focuses on large technology partners such as SAP, Microsoft, Siemens, and IBM, and large system integrators and consultancies such as IBM, SAP, Deloitte, HCL and Hitachi Consulting. Based on the Control Center platform, NextLabs provides, for example, specific out-of-the-box enforcement solutions for Siemens PLM, Microsoft SharePoint, SAP ERP, various content repositories and related environments.

2 Product Description

NextLabs, with its Enterprise Digital Rights Management (EDRM) product line, which builds on its Control Center Platform, provides data classification, access control, secure storage and rights management in one solution. Their product offering leverages attribute-based policies to control access to applications and rights-protected data wherever they reside, as well as data segregation and loss prevention capabilities.

The NextLabs product offering consists of a Rights Management Server, providing a secure document sharing solution for users via HTML5 applications, and a Rights Management Client, which provides data classification and rights management controlling access to a wide number of file formats and applications. The product leverages the NextLabs Control Center, which is used to centrally manage policies and provide audit facilities.

The Control Center Information Control Policy Platform maintains a user identity repository of approved users and an analytic and reporting module to manage and report on events and alerts for anomalies. The Information Control module manages data classification, access control, encryption and communications with the Control Center. Classification can be user-driven or rule-based.
The Information Control Enforcement module performs the rights management function; it consists of enforcement connectors for supported file stores. NextLabs also provides a web-based Rights Management Server which provides secure access and usage controls to rights-protect content of any kind with rich functionality without any client software.

NextLabs Rights Management (EDRM) applies rights protection automatically, using attributes such as document content and classification to eliminate reliance on manual processes. Moreover, it relies on the same defined entitlements that are used in the other areas, due to the common underlying Control Center platform. Thus, it also provides full support for XACML in managing policies and entitlements.

NextLabs supports both an integrated approach with Microsoft Active Directory (AD) and Microsoft RMS (Rights Management Service) integration, including support for Microsoft Azure RMS, and native rights management capabilities. These include a new browser-based, zero-install RMS client that allows managing access to protected documents by customers without existing Rights Management infrastructure.
The NextLabs Rights Management Client is supported on Windows, Mac, Linux, iOS, and Android. They also provide integration with key enterprise applications including SAP, Siemens Teamcenter, Dassault Enovia, PTC Windchill, SharePoint, Office 365, file servers and cloud storage such as Dropbox and Box.com. User identities can be sourced from Active Directory, Azure AD, or any LDAP-compliant directory or HR systems such as SAP HCM.

NextLabs provides a strong authorisation module that meets various industry regulatory requirements such as the North American Electric Reliability Corporation (NERC) and export compliance protection required by agencies such as ITAR, EAR, BAFA and the UK Export Controls Act. NextLabs also works with various standards bodies including NIST, OASIS, OpenLiberty and TSCP.

The Control Center Information Control platform exposes its capabilities through an Eclipse interface that is targeted more towards the power user. However, NextLabs has the ability to provide automated auditing and reporting leveraging an easy-to-use interface. NextLabs exposes Policy Management through an Eclipse interface; reporting and administration are exposed via a web application.

NextLabs, aside from its intensive work in standards initiatives and its more than 35 patents, has a well thought-out roadmap and a clear strategy on expanding its footprint in the market through industry-specific solutions and partnerships.

3 Strengths and Challenges

NextLabs differs from other solutions in the emerging Secure Information Sharing market by its specific platform approach, but also by the combination of core enterprise digital rights management capabilities with XACML-based policy management, integrated automated classification, and, in particular, file type agnostic and in-depth support for a number of specific environments such as PLM, ERP, and Content Management Systems. NextLabs EDRM is file type agnostic, and NextLabs is the only vendor with native support for CAD/CAM and 3D models.
The solution is well thought-out, offering both its own integrated Rights Management capabilities as well as integration with Microsoft RMS, thus giving customers a choice and flexibility for their deployment. In particular, they are able to manage an environment with consistent policies across these platforms.

NextLabs has a significant number of assigned and pending patents and is strongly supporting standards, such as XACML for policy management. Furthermore, while the number of active partners is still relatively small, NextLabs has managed to create a partner ecosystem with a good ability to execute on a global scale. NextLabs is also collaborating tightly with a number of leading vendors such as SAP, Siemens (around PLM), Microsoft, IBM, and others.

Previously, a shortcoming has been their limited support for mobile devices. They are now in the process of executing on a strong mobile strategy. The same holds true for their policy management and administration interfaces, where we recognize significant progress.
In summary, NextLabs provides an interesting offering for protecting information across the entire lifecycle that should be included when evaluating solutions for setting up a secure information sharing infrastructure within organizations.

Strengths

- Longevity on the market with a mature data sharing model
- Strong support for standards, including XACML
- File type agnostic with strong emphasis and native support for CAD/CAM and 3D models
- Web-based solution without client install available
- Innovative vendor with a significant number of patents in the area of Information Protection
- Industry-specific solutions for various use cases and out-of-the-box support and ease of integration with enterprise applications like SAP ERP, PLM, and Microsoft SharePoint
- Comprehensive approach including policy management, encryption, and classification

Challenges

- Currently only provide basic capability for mobile devices
- Relatively complex standard user interface for policy management
- Still limited number of partners, but various large partners on global scale, well-selected with good ability to execute

4 Copyright

© 2015 Kuppinger Cole Ltd. All rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole's initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document.
Any opinion expressed may be subject to change without notice. All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.