Ways Global FOR RETAIL

Transcription

1 5 Ways Global RETAILERS Protect THEIR CUSTOMER Data

2 In the new digital environment, keeping pace with security is the new reality Digital disruption over the last decade has impacted how retailers communicate, connect, and sell to their customers. This transformation has caused a significant increase in technology that drives intelligence and analytics of customers. When personalizing the customers journey, many retailers find their traditional security can t keep pace with the increase in technology and business requirements. In response, organizations are looking at alternative, data centric protection methods to enable them to scale more effectively. Data responsibilities Payment Card Industry Personally Identifiable Information Cloud personalization program Multi Channel General Data Protection Regulation Data protection drives Customer acquisition and loyalty Establishment of trusted brand Expansion into new market sectors Digital innovation Enhanced customer experience 2

3 Helping Brands Protect Sensitive Assets for Over 10 Years Protegrity has a passion for our customers, our people and the work we do. We re keen to share the best practices for protecting sensitive data which we ve honed from working with over 300 global brands. Our disruptive data protection solutions offer better flexibility and capability in a way that will not compromise operational excellence or digital success. Our work is driving analytical excellence through more powerful, flexible data security and compliance with key regulations as shown in the following use cases Protegrity expertise includes central control of Data Discovery Enterprise-wide Data Protection Cloud and Big Data Security Encryption and Pseudonymisation Audit and Compliance Reporting Given the highly sensitive nature of the services we provide to our customers, their identities have been anonymized here to protect their security posture but further details are available upon request. 3

4 1 ecommerce Retailer Compliance with internal privacy requirements and industry data protection standards within a very short turnaround time made this ecommerce giant seek advice about security solutions to protect PII and PCI data within their data warehouse. The global online retailer felt confident they had found a security solution they could trust to protect customer information without compromising performance. Within three weeks, data discovery was complete and the entire solution took fewer than six months to implement. The retailer started by providing Protegrity with a list of high priority sensitive data elements to be protected, which formed the basis of their organization s security policies. Protegrity s Enterprise Security Administrator enabled the retailer to centrally control and enforce security policies throughout the data flow, and Protegrity Database Protectors ensured that sensitive information remained protected within the enterprise data warehouse. This deployment also allowed the retailer s security team to restrict access to sensitive data to authorized users only and automate monitoring, auditing and alerts on the entire data security system for compliance with not only internal privacy requirements but also those of the GDPR ahead of time. This global ecommerce company is now expanding the Protegrity model to bring their entire organization into compliance with international data protection regulations. 4

5 IMPACT Negligible DEPLOYMENT Less than 6 months VOLUME PII protection in 500 tables Protegrity came very highly recommended by data warehouse provider and they ve more than met our expectations. DRIVER Compliance with internal requirements and industry standards for data protection CHALLENGE A very short deadline for project completion STEPS TO SUCCESS Working with data owners to discover sensitive data elements throughout the data flows SOLUTION Protegrity s Enterprise Security Administrator and Database Protectors for central control of data protection, monitoring and alerting BENEFITS Compliant business performance continuity and an established model for GDPR success ahead of time 5

6 2 MULTINATIONAL RETAILER Internal privacy policies dictated that this multi-billion dollar retailer protect the identities of their many customers and employees, an ambitious goal for a global brand committed to analytics for digital lift and subject to regulations including the U.S. Food & Drug Administration (FDA) reporting requirements. Protegrity data security solutions inimitably allowed the retailer to realize their ambitions in a complicated, heterogeneous IT landscape. Starting with Social Security Numbers (SSN), this retailer deployed Protegrity Database Protectors to protect employee data in the integrated data warehouse from Teradata. This became the blueprint for expanding Protegrity s footprint to include SQL Server and big data Protectors for Pivotal HD, to protect sensitive information and business processes throughout the enterprise. Leveraging Protegrity Vaultless Tokenization, which replaces sensitive data with secure tokens of the same data type and length, has enabled this retail brand to democratize access to data without the need for changes to existing tables, applications and operational processes including analytics. Using Protegrity s Enterprise Security Administrator enables this retailer s security team to centrally monitor and restrict access to sensitive data, define alerts for the entire data security system and automate auditing and reporting for compliance with the FDA. 6

7 IMPACT Almost no negative effect on business processes Protegrity allowed our internal customers to access and analyze the data in realtime all the while keeping the data safe. DRIVER Maintaining privacy as a corporate brand value while enabling analytics for digital lift and complying with FDA regulations CHALLENGE Democratizing data access while satisfying stringent corporate and legal requirements without compromising business processes STEPS TO SUCCESS Focusing on one sensitive data element as a priority and using tokenization to protect it without diminishing its value which served as a blueprint to scale and expand security to other business systems SOLUTION Protegrity s Enterprise Security Administrator and Database and Big Data Protectors enable this organization to centrally control, audit and report access to sensitive information BENEFITS Compliant data democratization without compromise to analytical value or business continuity 7

8 3 GLOBAL RETAILER A global nutrition corporation that develops, markets, and sells dietary supplement, weight management, sports nutrition, and personal care products needed to comply with PCI DSS Level 1 merchant compliance by securing 117MM sensitive customer payment card records in 400+ controls in a very short timeframe. As a PCI DSS Level 1 merchant, the retailer must comply with the strictest regulations in the industry pertaining to the handling of sensitive payment card data. The retailer potentially faced a series of very large, escalating fines for noncompliance. The retailer needed an approach that would allow them to take as many environments as possible out of PCI DSS compliance audit scope, which would require removing PCI data from those systems. The retailer chose Protegrity after evaluating performance, cost, and definitive peer references. Protegrity offered the most powerful and cost effective solution. There were more than 400 controls that could apply to over 117 million customer records stored, if we didn t reduce scope, said the retailer s Head of Global Information Security. That complexity would require weeks or months to complete each annual PCI DSS audit. 8

9 IMPACT Little to no impact on existing systems DEPLOYMENT 2 days VOLUME 400 controls across 117 million customer records I ve never been involved in a process of implementation that had so little negative impact on users Protegrity s services team have been world class. DRIVER Compliance with PCI DSS CHALLENGE Reduce the scope of the PCI DSS audit dramatically across a large and complex IT estate STEPS TO SUCCESS Protegrity support and services teams worked closed with the retailer to ensure a rapid transition. Implementation took only 2 days to secure over 117 million customer records SOLUTION Protegrity Enterprise Security Administator, Protection Server, Application Protector using vaultless tokenization BENEFITS Met PCI DSS compliance in a 2 day implementation and took infrastructure out of PCI audit scope. Provided centralised oversight and administration of secure data across the entire enterprise 9

10 4 UK RETAILER A multinational, multi-brand, omnichannel retailer required the highest levels of data security to maintain and future-proof their brand s reputation, and cope with peak trading demands without any compromise to performance, analytics agility or user experience. This retailer had a requirement comply with internal privacy policies, industry regulations and the GDPR throughout their enterprise and across multiple current and legacy systems. The retailer chose Protegrity to protect sensitive information across the organization including Oracle, DB2, Mainframe and Teradata as well as intercepting online web forms filled in by customers at account creation. Working closely with the client s internal team, Protegrity architected a solution that protected data at use, in transit and at rest. The solution was deployed at tactical points within the network to accommodate data being created by customers and employees at the earliest moment of its journey, thus minimizing the risk of data being available in its clear format. 20 years of legacy data residing within IBM mainframes and DB2 was also protected as well as data stored in a Teradata warehouse, Microsoft SQL DB and Oracle. Protegrity enabled analytics platforms to enhance retail decision making whilst maintaining mandatory high standards for data privacy and also meets an additional requirement to provide data protection methods that will enable transition to the Cloud in the future. 10

11 Protegrity were the only organization able to respond to our need to protect a large number of environments within a relatively short timeline. DRIVER Compliance with internal and external regulations CHALLENGE Multiple different environments and short deadline for completion STEPS TO SUCCESS Architected the solution closely with the retailer s internal team and deployed protectors at tactial points within the network SOLUTION Protegrity s Enterprise Security Administrator, Database Protectors for Oracle, DB2, Mainframe and Teradata and Data Security Gateways BENEFITS Solution is highly scalable and will expand to enable the retailer to transition to the Cloud as well as enabling them to comply with critical regulations such as GDPR 11

12 5 US convenience STORES The second largest chain of company-owned and operated gasoline and convenience stores in the US needed to reduce the time and expense of complying with PCI DSS. For the large retailer, the process of complying with the Payment Card Industry Data Security Standard (PCI DSS) consumes a major slice of staff time and budget. High transaction volumes and a very short window to handle payment settlement meant the system had to have very high throughput and scalable performance. Due to the legacy mainframe environment, the implementation also required little to no modification of systems. Protegrity implemented a Vaultless Tokenization appliance in a staging environment outside the backend systems. The transaction information from the gas stations is sent securely to the Protegrity appliance and placed in an encrypted file. The secure file is parsed and Credit Card Number (CCN) data is tokenized prior to entering legacy business systems. After processing, the protected CCN data is de-tokenized by the appliance and transmitted to payment processors for settlement. Tokens were designed to bleed through the first six digits of the CCN, to make them compatible with legacy systems and prevent the need for modifications. 12

13 IMPACT None. PCI auditing process reduced from seven months to three. Cardholder data is now more secure DEPLOYMENT Tokenization took 90 minutes We planned on 30 days to tokenize our 50 million card numbers. With Protegrity Tokenization, the whole process took about 90 minutes. DRIVER Simplify PCI DSS compliance CHALLENGE Solution must have little to no impact on existing systems STEPS TO SUCCESS Deployment of the solution was non-intrusive as it did not require obtaining third-party modifications to code SOLUTION Protegrity tokenization using Enterprise Security Administrator and mainframe and file protector, Application protectors BENEFITS By segmenting cardholder data with tokenization, a regional chain of 1,500 local convenience stores is reducing its PCI audit from seven to three months 13

14 Protegrity was born of the need to deliver a new kind of data security that is equipped to meet the challenges of modern enterprises: security that protects the data itself everywhere it goes while enabling businesses the freedom to transform and innovate with their data. The right balance between sophisticated data analysis and risk management can be achieved. Neither needs to be sacrificed. Data today is more than power it is the lifeblood of the organization and needs to flow to the right data owners in realtime. If it can t be mined and manipulated at or near real-time while still maintaining security and privacy, it s not delivering maximum value. Protegrity Credentials Organizations from every industry worldwide leverage our expertise and solutions to strengthen their security posture and simplify compliance with internal and regulatory data protection requirements. Our customers include: More than 50 of Teradata s largest customers The world s largest company and private employer 20% of all Global Fortune 500 Retail organizations The most powerful transnational corporation globally 25% of Global 500 Financial Services Institutions Europe s largest financial institutions America s most trusted source for high-quality healthcare and service One of the world s largest online retailers The premier driver of air travel intelligence and commerce worldwide Over 200 brands worldwide including public and private sector 14

15 CONTACT Protegrity us at or contact us through our website Read more about how Protegrity can help your business THE CHANGING FACE OF RETAIL HOW SHOULD DATA PROTECTION KEEP UP? 1 Personalized experience CUSTOmERS ONLINE DATA AND PURCHASE HISTORy WILL REvEAL INSIgHTS for TAILORED SUggESTIONS AND INCENTIvES TO buy, IN REAL TImE Retail transformation turns data risk into reward EXECUTIVE BRIEF Safely delivering growth through better customer experience SOLUTION BRIEF STRATEGY: Personalization to ensure customer loyalty and increase share of wallet OPTIMIZATION: Protect private data itself in a way that does not hinder analytics 2 Automated Roles DIgITAL DEvICES WILL greet AND SERvE CUSTOmERS AND RUN back OffICE OPERATIONS STRATEGY: AI to reduce cost and improve efficiency OPTIMIZATION: Ensure use of data is for legitimate purposes only using granular, role-based access controls for devices utilizing sensitive customer and corporate information EXECUTIVE BRIEF SOLUTION BRIEF FUTURE RETAIL Copyright 2018 Protegrity Corporation. All rights reserved. Protegrity is a registered trademark of Protegrity Corporation. All other trademarks are the property of their respective owners. Teradata and the Teradata logo are registered trademarks of Teradata Corporation and/or its affiliates in the U.S. and worldwide. 4 Online sales 15