As one of North America’s premier drug store chains this company handles large amounts of sensitive personal and business-related information. One factor in the impressive longevity and growth of the organization is the encouragement of continual innovation to create new products and services that benefit the organization’s large customer base: These include online prescription refills, web and phone-based medical advice hotlines, and a wide range of health and wellness programs.
With many hundreds of retail locations and a large headquarters presence, maintaining rigorous standards for the protection of data is a constant priority. The nature of the company’s business involves many different types of data – from patient records to financial information and intellectual property – each falling under the directives of a variety of governmental and industry requirements.
Maintaining compliance – either voluntarily or under regulatory mandate – requires that a number of security measures be in place at all times. A critical element of the company’s multi-layered defense strategy involves the use of encryption to encode sensitive data; in order to ensure that the infrastructure continues to be populated by best-in- class products, it was determined that a new encryption solution should be identified, tested, and implemented.
To support the pharmacy chain’s constant release of new capabilities for its employees and customers, it was imperative that the IT infrastructure – and all its constituent components – be commensurately flexible and scalable.
Reflecting the diversity of data under its control, the company placed an emphasis on being able to choose if individual files needed to be encrypted or not: Not every file needs securing, so the ability to accurately differentiate between candidates became a key selection criterion in the search for a suitable encryption solution.
Following a period of investigation the short list of viable contenders was narrowed down to one solution: Vormetric Transparent Encryption. The company’s director of network and security recalled, “We had an exhaustive list of evaluation metrics and used these to uncover that Vormetric was clearly the best solution for us.”
A proof of concept was undertaken to verify performance in the organization’s own environment: “We subjected the Vormetric solution to a wide range of challenges – including regression testing – and it performed admirably,” the director noted. “We were able to confirm that it really was the most flexible option out of everything we’d reviewed and had the ability to execute across all the different scenarios we threw at it.”
Once the decision to proceed had been made, a pilot involving 10 stores was conducted to validate the implementation procedures. Following the successful completion of the trial, the remaining stores were deployed in batches of 40-50 each week. The security expert extolled, “We were able to do the full rollout from a central location: Saving us considerable time and money when compared with the alternative of visiting each one of the many hundreds of sites.”
Implementation of Vormetric Transparent Encryption ensures that sensitive information is never exposed, irrespective of its state, location, or format. “Vormetric now protects everything we need encrypting, including data at rest; making it ideal against any network-sourced malware attacks that do manage to evade our other measures,” the director commented.
He continued, “The inherent flexibility of the Vormetric architecture makes it ideal to support our current operational model but equally important, we don’t have to worry about encryption-related issues restricting any of the new capabilities we want to implement in the future.
“Vormetric is totally application transparent and the ability to protect data is not impacted by modifications to key infrastructure components, like changes to our database platform.”
To keep business running smoothly in its hundreds of branch locations, the company has an in-field service unit replacement policy that includes swapping out disk drives as a resolution for hardware and software problems. The use of Vormetric encryption ensures that even when physically removed from the stores, the contents of every drive continue to be secure.
Performance And Protection
Vormetric Key Management’s extremely granular level of control gives the security team the capability to precisely specify which users are permitted access to individual data elements across the network.
“Despite the dramatically enhanced levels of protection and control, performance has been outstanding. Prior to the proof of concept we did have some concerns about the ability of certain of our legacy infrastructure products to support the new functionality but we’ve had zero negative feedback from any users,” remarked the company’s director of network and security.
He summarized, “Encryption is a critical component in our security strategy but it also needs to function in a way that doesn’t impose limitations on where we want to take the business. Vormetric gives us the protection, the flexibility, and performance – all with the right cost of ownership – to make it a compelling addition to our environment.”