The lifeblood of a banking or financial services firm is data. And this financial and banking data includes customer financials and account information, cardholder data and transactions and non-public personal information. Almost all the data generated or used by a financial services firm, is regulated, potentially sensitive or private.
The data security compliance and regulation challenges alone are daunting for banking or financial services firms. Data-at-rest security requirements are found within PCI DSS requirements for credit card related information, GLBA, SOX/J-SOX, NCUA, data privacy and data residency laws, and even the USA Patriot Act. Each data security requirement adds to the need to protect sensitive data wherever it resides. In addition, banking and financial services organizations must meet the additional data security concerns that result from normal operations:
The Vormetric Data Security Platform is a data security solution with a common, extensible platform to meet critical banking and financial services compliance requirements, regulatory and sensitive data-at-rest security needs:
Vormetric Transparent Encryption provides file and volume level data-at-rest encryption, secure key management and access controls required by regulation and compliance regimes. Data access monitoring information provides another level of data security in financial services from malicious insiders, privileged users, and attacks that compromise accounts — delivering the access pattern information that can identify an incident in progress.
Vormetric Application Encryption enables banking and financial organizations to easily build encryption capabilities into internal applications at the field and column level.
Vormetric Key Management enables centralized management of encryption keys for other environments and devices including KMIP compatible hardware, Oracle and SQL Server TDE master keys and digital certificates.
Vormetric Tokenization with Dynamic Masking lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, managers can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.
Merchants and organizations expect the underlying database to be highly secure and in compliance, as sensitive cardholder...