S&P 500 Financial Services Company


  • Is concerned about protecting the following types of information:
    • Financial data
    • Credit Card information
    • Intellectual property
  • Require data protection during the following circumstances:
    • Intellectual property
    • Data segregation
    • Legacy application security
    • Security of data during hardware repair or disposal

Use Case

  • Applies Vormetric Data Security to adhere to global compliance regimes in the following ways:
    • Provide safe harbor and helps businesses avoid the cost and brand damage that comes with breach notification
    • Meet national data protection laws that mandate encrypting citizen personal information including UK Data Protection Act, EU Data Protection Directive and South Korea’s Personal Information Protection Act
    • Provide security, access control and reporting so enterprises can demonstrate effective controls over sensitive information mandated by Sarbanes-Oxley, GLBA, and Basel III
    • Enable large, consolidated datacenters to segregate and control data to meet the legal obligations of data across borders compliance measures without modifying applications or storage infrastructure
  • Uses Vormetric Data Security to achieve the following:
    • Lock down their data with encryption, strong key management, and security intelligence
    • Create strict access policies that ensure only authorized users can access sensitive information
    • Reduce the attack surface against sophisticated Cyber threats, including Advanced Persistent Threats (APTs) and zero-day attacks
    • Tightly monitor exposure, and implement transparent controls that do not impact how employees perform their jobs
    • Leverage alerts that trigger red flags when users are performing actions outside of the behavioral norm
  • Uses the following SIEM solutions to identify possible internal threats or APTs:
    • McAfee Nitro Security
    • RSA Envision
    • Splunk
    • Symantec Security Information
    • Trustwave
    • Dell SecureWorks


  • Prevents the following insiders from accessing protected data with Thales eSecurity:
    • Security administrators
    • Federal contractors and outsourcing
  • Purchased Vormetric Data Security for the following reasons:
    • Current compliance measures are inadequate when it comes to safeguarding the business
    • A data-centric strategy locks down the data, and removes risk from privileged users
    • Thales eSecurity sets controls around the data and examines controls from the inside out
    • Data-centric security mitigates risk and reduces the attack surface for APTs
  • Rates the likelihood of recommending Thales eSecurity as 10 out of 10.