Large Enterprise Professional Services Company


  • Is concerned about protecting the following types of information:
    • Financial data
    • Credit Card information
    • Mission-critical text, voice, and video information
    • Customer personally identifiable information (PII)
  • Require data protection during the following circumstances:
    • Database security
    • Unstructured data security
    • Intellectual property
    • Data segregation
    • Contractual requirements (either with a customer or for suppliers)
    • Legacy application security

Use Case

  • Applies Vormetric Data Security to adhere to global compliance regimes in the following ways:
    • Help meet requirements 3, 7 and 10 of the Payment Card Industry Data Security Standard (PCI DSS) that call for the protection of cardholder information
    • Secure personal information
    • Provide security, access control and reporting so enterprises can demonstrate effective controls over sensitive information mandated by Sarbanes-Oxley, GLBA, and Basel III
  • Uses Vormetric Data Security to achieve the following:
    • Tightly monitor exposure, and implement transparent controls that do not impact how employees perform their jobs
    • Leverage alerts that trigger red flags when users are performing actions outside of the behavioral norm
    • Engage in ongoing monitoring and reporting
    • Establish an appropriate separation of duties between IT operations and IT security
  • Uses the following SIEM solutions to identify possible internal threats or APTs:
    • HP Arcsight
    • Symantec Security Information
    • Solutionary


  • Prevents the following insiders from accessing protected data with Thales eSecurity:
    • System administrators
    • Domain administrators
    • Network administrators
    • Database administrators
    • UNIX/LINUX root users
    • Security administrators
    • Federal contractors and outsourcing
  • Purchased Vormetric Data Security for the following reasons:
    • Network-centric and perimeter security do not protect sensitive data
    • Current compliance measures are inadequate when it comes to safeguarding the business
    • A data-centric strategy locks down the data, and removes risk from privileged users
    • Thales eSecurity sets controls around the data and examines controls from the inside out
  • Rates the likelihood of recommending Thales eSecurity as 10 out of 10.