DIGITAL GUARDIAN CASE STUDY

Keeping Customer Financial Data Safe

About The Customer

A top 20 global financial institution that provides banking, investments, life insurance services and retirement services to consumers. The institution’s wholesale banking division provides international banking with local presence in more than 15 countries. Their global franchises serve a wide range of organizations, including corporates, multinational corporations, financial institutions and governments. 

All of this means a collection of sensitive, corporate and personal financial information their customers expect will be properly protected. 

 

The Business Challenge

Given the global nature of its operation, the wholesale banking division lacked visibility and control of data that was being exchanged and shared across its offices. Regulatory compliance and internal governance was difficult to achieve given the limited knowledge of where and how sensitive data moved. However, they did have extensive data classification system in place and had deep knowledge of what data to protect. This knowledge gave them a foundation upon which to build a data protection program.

 

INDUSTRY

  • Financial Services

ENVIRONMENT 

  • 52,000 employees 
  • Offices in 25 countries 
  • Consumer and commercial banking services

CHALLENGE

  • Limited visibility into global data flows 
  • Regulatory compliance mandates for data protection 
  • Limited budget to expand infosec team 
  • Wanted to integrate with existing data classification solution

RESULTS

  • Secure communications with business partners, agents, and brokers 
  • Validate and refine the current controls on sensitive financial data 
  • Protect customer information from being posted on web sites 
  • Protect customer documents from being sent out unsecured environment
PDF Version

Their next logical step was to discover where the data was being stored (desktops/servers), how the data was being used, and how the data flows that could put the company at risk for a security breach. Once they were armed with the details around the actual data flows, they could compare these with what the expectations were and what regulations mandated.

 

Critical Success Factors

  • Comprehensive visibility into global data flows 
  • Support regulatory compliance efforts 
  • Ensure protection of senstive financial data 
  • Leverage existing data classification to prioritize security resources

 

The Solution

The financial institution deployed Fortra™’s Digital Guardian® ’s appliance based Network DLP. The appliances were optimized to find, identify, and protect the regulated data typical to financial institutions and are built for rapid deployment and low overhead. The customer was able to get the appliances installed, configured, and protecting data within only a few days. Immediately upon installing the appliances, the customer saw where sensitive data was flowing throughout that entire organization, and when it was leaving their control and potentially at risk for external exposure. They could adjust data security policies based on the newfound visibility. The existing data classification system allowed the Digital Guardian DLP to make more accurate decisions around polices, reducing time wasted on false positives and false negatives. 

The organization had a lean IT organization, and due to security staffing challenges, needed a solution that would not require additional staff, or a labor-intensive solution. The Digital Guardian Network DLP appliance requires minimal effort once installed, meaning the customer would not need to incur the cost of new InfoSec employees.

The Results

The customer was able to secure communications with business partners, agents, and brokers, and document the steps taken to protect the sensitive data to each of these parties for regulatory compliance and internal governance. The new visibility into all data flows allowed them to validate and refine controls on sensitive, financial data. They were better able to protect customer account information from being exposed on web sites, or sent via unsecured channels.

About Digital Guardian

INSTALLED BASED

  • Over 600 customers from across the globe 
  • Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology 
  • Used by 7 of the top 10 patent holders 

DISCOVERY AND CLASSIFICATION 

  • Endpoint, network, cloud and local data storage 
  • Content, context, and user classification 
  • Fully automated to fully manual classification 
  • Over 300 data types, over 90 languages 

EDUCATE AND ENFORCE 

  • Monitor log, prompt, justification request 
  • Auto-encrypt, quarantine, move, block

ACTIONABLE ANALYTICS 

  • System, user, and data level event visibility 
  • Analytics that filter out the noise 
  • Drag and drop incident management 
  • Right click remediation in real time 

OPERATION SYSTEM SUPPORT

  •  Full visibility, analytics and controls across multiple operating systems 
  • Mac 
  • Windows 
  • Linux 

DEPLOYMENT 

  • On-Premise 
  • SaaS 
  • Managed Security Program

Data Types We Protect 

BANKING 

  • Personally Identifiable Information (PII) 
  • Payment Card Industry (PCI DSS)

INSURANCE 

  • Protected Health Information (PHI) 
  • Personally Identifiable Information (PII) 
  • Payment Card Industry (PCI DSS)

FINANCIAL MARKETS 

  • Intellectual Property (IP): Deal Management Information, Trading Algorithms, Financial Modeling, IPO Plans, M&A Plans
LEARN MORE

See how Digital Guardian can protect your organization’s sensitive data and critical assets.

SCHEDULE A DEMO       REQUEST PRICING