6 Alarming Facts About Electronic Health Records

One of the most difficult issues for a CIO to tackle is the ability to know who has access to what critical data and why. In the the case of healthcare and insurance providers, Electronic Health Records (EHR) contain even more valuable information than most data sources due to the sensitive and detailed nature of […]

Security Compliance Using Externalized Authorization

Central Decision Point for Fine-grained Access Control: Entitlements Management To effectively comply with various industry regulations, businesses require integrated, cost-effective information risk management solutions that can protect data and manage entitlements over applications. This document offers guidance on conducting an organizational IT risk assessment, and provides a template for determining what type of security controls […]

Federal Mission: Security Compliance using Externalized Authorization Management (EAM)

United States federal agencies are beholden to myriad regulations and standards, some of the most notable of which are the FIPS Publication 200 and the NIST Special Publication 800-53. Both documents, in combination, “ensure that appropriate security requirements and security controls are applied to all federal information and information systems.” These documents offer guidance on […]

Proving Compliance throughout the ABAC Lifecycle

One of the benefits of Attribute Based Access Control is the ability to fine-tune compliance checks and balances in real time, and make changes to policies to meet compliance in an immediate, centralized way. What’s even more complex is proving compliance, especially when it comes to showing access control permissions in real-time. The full-circle management of […]

Enforcing Fine Grained Access Control Policies to Meet Legal Requirements

A Webinar with Axiomatics and IAM Analysts KuppingerCole: Take me to recording Join Axiomatics and leading analyst firm KuppingerCole to learn more about Attribute Based Access Control (ABAC). ABAC solutions provide an organization with the power to control access to protected resources via a set of policies. These policies express the increasingly complicated legal and business environments […]

Axiomatics Review Manager

Enforcing complex and changing regulations is a continuous challenge for enterprises and federal agencies; it’s a costly and time-consuming activity that requires ongoing diligence. The first part is achieving compliance – but the ongoing need is the right reporting to prove safeguards are in place. For organizations that have already adopted Attribute Based Access Control (ABAC) the challenge of regulatory […]

Axiomatics Review Manager Product Sheet

Enforcing complex and changing regulations is a continuous problem for enterprises and federal agencies. It is both a costly and time-consuming activity that requires ongoing diligence to achieve compliance – and reporting to prove the right safeguards are in place. For organizations that have already adopted Attribute Based Access Control (ABAC) the challenge of regulatory […]

The CISO’s Guide to Planning for ABAC Success – with Guest Speakers from Security Architects Partners

A webinar with Axiomatics and Security Architects Partners Axiomatics and Security Architects Partners present this session on the components for a successful transition from legacy access control models, such as Role-based Access Control, to one that enables dynamic authorization. Attribute Based Access Control, known as ABAC, is the new model for access control as identified by NIST […]

How Top Banks Use an Attribute-Based Approach (ABAC) to Protect PII, Critical Assets, and Meet Regulations

Find out why Attribute Based Access Control is the solution for the world’s leading banks and financial institutions. As demands for better online services– from customers, staff and third parties – escalate, so too do the number and complexity of regulations. The list of requirements is many: FFIEC, FRB, FDIC, OCC, NCUA, CFPB, ACSSS to […]

Healing Data Leakage in the Modern Health Care Environment

The move to electronic records (EHR) in the health care industry – across providers, insurance companies and a multitude of third parties – has increased the speed of sharing records, and in theory, the quality of care provided to individuals. However, this instant-access ecosystem also introduces increased risk – as the more users that have […]

From Static Roles to Dynamic Attribute-Based Authorization

This is a joint webinar together with analyst firm KuppingerCole. The webinar is hosted on KuppingerCole’s website.  Take me to the webinar Dynamic authorisation systems complement or replace the rigid role concepts through direct implementation of business-driven authorisation rules in the form of policies, and they make decisions about the access of employees, partners, and […]

Meeting Health Care Privacy Regulations with Attribute Based Access Control

Personally Identifiable Information (PII) with related sensitive health care data is increasingly being maintained in electronic records. This means PII data can be made available, reproduced and transferred with more ease than ever before. Legislation in many countries is being adapted to secure trust in institutions, to meet the confidentiality and privacy concerns that are […]

Enforcing Segregation of Duties

About Enforcing Segregation of Duties White Paper IT organizations have struggled to identify potential Segregation of Duties (SoD) violations within their IT systems. A violation of this kind occurs if a user is given permissions which combined can be used to subvert a business critical process or in other ways cause harm in breach of […]

Patient Data Privacy for eHealth Services

The Center for eHealth in Sweden coordinates the efforts of county councils and regions in the establishment of national eHealth services. Within this framework, the Swedish national healthcare security infrastructure “BIF” is maintained. The overall objective is to provide a secure infrastructure to meet patient privacy requirements while granting authorized care providers access to the […]

Financial Services Industry Brief

Is it possible to protect access to sensitive information and secure financial transactions without sacrificing business agility? It is with dynamic authorization and policy-driven access control. Leading financial institutions around the world are shifting to Attribute Based Access Control (ABAC) to get this balance right. ABAC helps them meet the authorization demands of the modern […]

Manufacturing: The Essential Guide to Sharing and Securing Sensitive Data

Global industries depend on information sharing across the borders of nations and jurisdictions. Intellectual properties are at stake and export control compliance is non-negotiable. An obvious business case for XACML. Intellectual Property Control Profile simplifies access controls for the protection of copyright, trademarks, patents and trade secrets. Compliance with export control regulations can only be […]

Insurance Industry Brief

Insurance companies go to market via agents and agents of agents. Clients expect efficient and secure online services. Authorities demand strict regulatory compliance. Attribute Based Access Control (ABAC) keeps everyone happy. In 1768, Captain Cook took out a policy on his modest home near Assembly Row off London’s Mile End Road. The house was covered […]

CSS Insurance – Onboarding New Authorization Tasks

Having tested various solutions to resolve authorization issues with their corporate document management system, CSS Insurance turned to the Axiomatics Policy Server (APS) to deliver effective Attribute Based Access Control. As the fine-grained, context-aware authorization tool had already been deployed to ensure compliance with newly introduced healthcare reporting regulations, the challenge was to increase the scope […]

Swiss Re – User Permisson Management

The insurance sector is highly regulated. Sensitive information must be protected in compliance with regulations, with as little impact on business as possible. At the same time compliance with regulations has to be proven to auditors. Key to this is managing and enforcing user permissions to information. However, in many organizations legacy IT systems and […]

Cross Border Privacy Enforcement – Global Financial Services and the Data Flow Challenge

Privacy regulations impact cross-border transactions in the financial services industry. Domestic processing of personally identifiable information (PII) and the transfer thereof for storage or processing outside the country’s jurisdiction are scenarios with different regulatory mandates. This business case brief will highlight the challenges and solution to secure information and to be compliant with regulations. Key […]

Cutting Through Export Control with Bell Helicopter and Axiomatics

In this webinar, together with guest speaker Greg Heartsfield from Bell Helicopter, we will focus on the complexity of export control and PLM systems and the challenge of overseeing data classification schemes subject to change. Because PLM systems were designed to help collaboration across departments and external parties, these systems require fine-grained authorization to make […]