Sensitive data is a term that refers to information that is protected against unwarranted disclosure. Sensitive data should be safeguarded against unauthorized access. It typically contains information about business, employees, and customers that is protected by industry and government regulations. These regulations include PCI-DSS (Payment Card Industry Data Security Standard), GLBA (Gramm-Leach-Bliley Act, also known as the Financial Services Modernization Act), and BCBS 239 (Basel Committee on Banking Supervision’s regulation number 239). With data breaches more prevalent than ever before (and on the rise), it is imperative for the financial industry work to protect the sensitive information in their possession from falling into the wrong hands.
Protection of sensitive data in financial services is often required for legal or ethical reasons, issues pertaining to personal privacy, or proprietary considerations. Corruption or theft of this data not only places an organization out of regulatory compliance, it puts them at financial risk because of the high cost of data breaches.
Every financial institution is at risk for a data breach. The devastating Equifax data breach should be a wakeup call for the industry, pointing to the business exposure associated with securing sensitive data when it is not protected properly. Shortly after the intrusion was first announced in September 2017, it was revealed that the breach cost Equifax $4 billion.
So how do you keep sensitive information in financial services organizations protected from data breaches similar to Equifax’s?
The PCI Security Council was founded in 2006 by major credit card companies, including American Express and MasterCard. Its goal is to establish regulations that secure personal information exchanged through the payment card industry (PCI). PCI DSS v3.2 compliance, introduced in April 2016, is imperative for financial institutions.
Sensitive data in financial services organizations is fluid, and is continuously growing in volume. Consistent with that growth in data volume is the continued adoption of cloud services and data stores. This means you need a solution that has the ability to deliver optimal performance with near-zero latency, and easily scale with the changing volumes of data in the cloud. You also need a security solution that provides combined protection for data-at-rest and data-in-motion. Finally, data protection policy must be applied and enforced consistently across the distributed computing environment.
Zettaset is a leading provider of advanced data encryption solutions designed for the kind of complex distributed computing architectures that are deployed by companies in financial services for whom data is their most valuable asset.
Our all-software data protection solutions are optimized to deliver high performance with near-zero latency, infinite scalability, and ease-of-use. The goal is to provide the highest levels of data protection, while reducing costs and simplifying deployment.