Fortune 500 Financial Data Services Provider
Case Study Customer: A leading Fortune 500 corporation providing financial data services with 19,000 employees generated in excess of $4 billion in revenue from clients including financial institutions, telecommunications and utility companies, healthcare and insurance providers, retailers and municipalities.
An important component of this commerce systems provider's business operations involves maintaining credit and debit card information on be half of financial services clients. In order to provide the highest levels of security and customer confidence, it participates in the Payment Card Industry’s Data Security Standard (PCI DSS) which provides a stringent set of requirements for handling and protecting sensitive card-related data.
The company, a long-standing supporter of PCI DSS, has always been proactive in ensuring that its environment exceeds the expected compliance requirements. As part of the initial ramp up to gain compliance the company determined the need for a robust, centralized encryption and key management solution.
Potential data security solutions were identified and evaluated against a detailed set of criteria. In addition to flawless performance in encryption and key management, contenders were assessed on heterogeneous capabilities, impact on transaction processing time and the ability to handle a wide variety of applications and data repositories.
The Technical Project Manager for the commerce systems provider recalled, “We looked at many products, including native solutions for our Linux and IBM AIX platforms, and even several open source candidates. It rapidly became apparent that the Vormetric Data Security solution was coming out on top.”
Having selected Vormetric Data Security, a two month proof of concept was conducted using data located in servers running the IBM AIX operating system. The Technical Project Manager commented, “We deliberately picked a very challenging scenario to test the application. We knew that if things worked well, deployment into a more standard environment would be easy.”
After a highly successful proof of concept, the Vormetric Data Security solution was fully incorporated into the commerce systems provider’s diverse infrastructure.
Following the Vormetric Data Security deployment, the company was able to attain PCI DSS compliance within its planned implementation schedule.
The current infrastructure utilizes virtual desktop infrastructure (VDI) and Hypervisor from VMware, with direct-attached SCSI drives containing approximately 5 TB of encrypted data. The Technical Project Manager stated, “The combination of Vormetric Data Security and our VMware VDI environment provides us with great protection. There is multi-factor authentication to get to the virtual environment and then an arsenal of policies to guard the data inside of the VDI; all contributing to helping us exceed the rigorous PCI DSS audit requirements.”
In the three years since the original proof of concept was completed, the solution has continued to excel. The Technical Project Manager commented, “Once configured, the Thales eSecurity solution really just runs itself. We don’t have to explicitly manage anything and despite the sophistication of the product, the Web-based management console makes administration a very straightforward task.”
He continued, “Right from the outset, we knew that we could not tolerate any negative impact on the speed of processing card transactions. We’ve been able to successfully layer the comprehensive Thales eSecurity capabilities on top of our existing heterogeneous environment with no discernable drop in transaction throughput.
“The Thales eSecurity support team is always accessible and committed to doing whatever it takes to ensure we are successful. It is very clear that the whole company views our relationship as a true partnership.”
Vormetric Data Security
Thales eSecurity provides a proven data security solution to enable rapid compliance with multiple aspects of PCI DSS. Vormetric Data Security delivers industry-leading data encryption and key management capabilities without the need to modify existing infrastructure components. High-performance encryption methods ensure negligible impact on transaction throughput and a sophisticated Web-based management console minimizes incremental operational overhead.