Small Business Financial Services Company


  • Is concerned about protecting the following types of information:
    • Financial data
    • Credit Card information
    • Employee personally identifiable information (PII)
    • Mission-critical text, voice, and video information
    • Customer personally identifiable information (PII)
  • Require data protection during the following circumstances:
    • Database security
    • Unstructured data security
    • Intellectual property
    • Contractual requirements (either with a customer or for suppliers)
    • Security of data during hardware repair or disposal

Use Case

  • Applies Vormetric Data Security to adhere to global compliance regimes in the following ways:
    • Help meet requirements 3, 7 and 10 of the PCI DSS that call for the protection of cardholder information
    • Provide safe harbor and helps businesses avoid the cost and brand damage that comes with breach notification
    • Secure personal information
    • Meet the electronic code of federal requirements for compliance with the HIPAA Security Rule
    • Meet NIST SP 800-53 Guidelines
  • Uses Vormetric Data Security to achieve the following:
    • Lock down their data with encryption, strong key management, and security intelligence
    • Create strict access policies that ensure only authorized users can access sensitive information
    • Reduce the attack surface against sophisticated Cyber threats, including APTs and zero-day attacks
    • Tightly monitor exposure, and implement transparent controls that do not impact how employees perform their jobs
    • Engage in ongoing monitoring and reporting
  • Uses the following SIEM solution to identify possible internal threats or APTs:
    • RSA Envision


  • Prevents the following insiders from accessing protected data with Thales eSecurity:
    • UNIX/LINUX root users
    • Federal contractors and outsourcing
  • Purchased Vormetric Data Security for the following reasons:
    • Thales eSecurity sets controls around the data and examines controls from the inside out
    • Data is the main target for APTs and server data is the biggest target
    • Data-centric security mitigates risk and reduces the attack surface for APTs
  • Rates the likelihood of recommending Thales eSecurity as 10 out of 10.