Digital Compliance relies on Vormetric to protect client data from every attack vector
Digital Compliance launched its innovative Venminder solution in 2013 in response to a growing need for FFIEC-compliant vendor management within financial institutions. This cloud-based application enables banks and credit unions to meet all regulatory and business management requirements in the complex vendor management arena.
Federal regulations now require annual exams (audits) to make sure financial institutions are doing due diligence in terms of securing access to their customers’ data and money. Among various regulations, the Federal Deposit Insurance Corporation (FDIC), an independent agency that governs banks, requires that private cloud data be encrypted.
Digital Compliance prepares clients and their vendors for annual audits. Describing itself as a private cloud, the company collects proof of conformity documents from clients’ vendors either by creating a portal, or by facilitating the direct upload of information. Needing to protect this data both in transit and at rest, Digital Compliance looked for an encryption solution that embodied ease of implementation, reliability and value.
Although the company primarily runs a Microsoft Windows®-based environment, Brian Adams, Digital Compliance’s chief technology officer, explained, “We wanted the flexibility to be able to move pieces to different cloud environments or even to a different operating system.” Additionally, Digital Compliance wanted to offer the flexibility to have encryption at either the folder and/or file levels.
Adams and his team researched a variety of encryption solutions. “Vormetric gave us the flexibility that other offerings couldn’t,” said Adams. “It was the perfect value proposition, plus we already had the knowledge that it works in our industry.”
Vormetric’s ability to maintain encryption in all states, permitting only authorized users access, proved to be a big advantage over other solutions. Adams noted, “What Vormetric did that nobody else could was enable our cloud computing environment to keep running backups of our software and data while all the information remains encrypted. In other words, facilitating what needs to be done at the data center to make sure we could recover the data should there ever be a failure, while keeping the data encoded and secured against advanced persistent threats.”
Digital Compliance opted to encrypt its SQL server database. Working closely with Vormetric’s team to implement the solution, Adams described the process as “smoother than anything else we’ve experienced.” In fact, Venminder was offline for less than two hours while the encryption rolled out.
When the implementation was complete Adams noted, “Everything worked perfectly. Equally important, Vormetric Encryption had no noticeable negative impact on performance.”
Secured Data for Compliance
Vormetric was on call and present for Digital Compliance from creating an initial proof of concept through post implementation follow up. Adams summarized, “Vormetric’s attention was particularly noteworthy. Its staff not only made sure our rollout went smoothly but that a week later, things were still on track and the configurations were all correct. It’s been ‘set it and forget it’ with Vormetric. I know our clients’ data is secure and meeting all federal requirements.”