
5 Ways Global Retailers Protect Their Customer Data

In the new digital environment, keeping pace with security is the new reality

Digital disruption over the last decade has impacted how retailers communicate, connect, and sell to their customers. This transformation has caused a significant increase in technology that drives intelligence and analytics of customers. When personalizing the customer's journey, many retailers find their traditional security can't keep pace with the increase in technology and business requirements. In response, organizations are looking at alternative, data-centric protection methods to enable them to scale more effectively.

Data responsibilities:
Payment Card Industry
Personally Identifiable Information
Cloud personalization program
Multi Channel
General Data Protection Regulation

Data protection drives:
Customer acquisition and loyalty
Establishment of trusted brand
Expansion into new market sectors
Digital innovation
Enhanced customer experience

Helping Brands Protect Sensitive Assets for Over 10 Years

Protegrity has a passion for our customers, our people and the work we do. We're keen to share the best practices for protecting sensitive data which we've honed from working with over 300 global brands. Our disruptive data protection solutions offer better flexibility and capability in a way that will not compromise operational excellence or digital success. Our work is driving analytical excellence through more powerful, flexible data security and compliance with key regulations, as shown in the following use cases.

Protegrity expertise includes central control of:
Data Discovery
Enterprise-wide Data Protection
Cloud and Big Data Security
Encryption and Pseudonymisation
Audit and Compliance Reporting

Given the highly sensitive nature of the services we provide to our customers, their identities have been anonymized here to protect their security posture, but further details are available upon request.

1 ECOMMERCE RETAILER

Compliance with internal privacy requirements and industry data protection standards within a very short turnaround time made this ecommerce giant seek advice about security solutions to protect PII and PCI data within their data warehouse. The global online retailer felt confident they had found a security solution they could trust to protect customer information without compromising performance. Within three weeks, data discovery was complete and the entire solution took fewer than six months to implement.

The retailer started by providing Protegrity with a list of high priority sensitive data elements to be protected, which formed the basis of their organization's security policies. Protegrity's Enterprise Security Administrator enabled the retailer to centrally control and enforce security policies throughout the data flow, and Protegrity Database Protectors ensured that sensitive information remained protected within the enterprise data warehouse.

This deployment also allowed the retailer's security team to restrict access to sensitive data to authorized users only and automate monitoring, auditing and alerts on the entire data security system for compliance with not only internal privacy requirements but also those of the GDPR ahead of time. This global ecommerce company is now expanding the Protegrity model to bring their entire organization into compliance with international data protection regulations.

IMPACT: Negligible
DEPLOYMENT: Less than 6 months
VOLUME: PII protection in 500 tables

"Protegrity came very highly recommended by data warehouse provider and they've more than met our expectations."

DRIVER: Compliance with internal requirements and industry standards for data protection
CHALLENGE: A very short deadline for project completion
STEPS TO SUCCESS: Working with data owners to discover sensitive data elements throughout the data flows
SOLUTION: Protegrity's Enterprise Security Administrator and Database Protectors for central control of data protection, monitoring and alerting
BENEFITS: Compliant business performance continuity and an established model for GDPR success ahead of time

2 MULTINATIONAL RETAILER

Internal privacy policies dictated that this multi-billion dollar retailer protect the identities of their many customers and employees, an ambitious goal for a global brand committed to analytics for digital lift and subject to regulations including the U.S. Food & Drug Administration (FDA) reporting requirements. Protegrity data security solutions inimitably allowed the retailer to realize their ambitions in a complicated, heterogeneous IT landscape.

Starting with Social Security Numbers (SSN), this retailer deployed Protegrity Database Protectors to protect employee data in the integrated data warehouse from Teradata. This became the blueprint for expanding Protegrity's footprint to include SQL Server and big data Protectors for Pivotal HD, to protect sensitive information and business processes throughout the enterprise.

Leveraging Protegrity Vaultless Tokenization, which replaces sensitive data with secure tokens of the same data type and length, has enabled this retail brand to democratize access to data without the need for changes to existing tables, applications and operational processes including analytics. Using Protegrity's Enterprise Security Administrator enables this retailer's security team to centrally monitor and restrict access to sensitive data, define alerts for the entire data security system and automate auditing and reporting for compliance with the FDA.

IMPACT: Almost no negative effect on business processes

"Protegrity allowed our internal customers to access and analyze the data in real time, all the while keeping the data safe."

DRIVER: Maintaining privacy as a corporate brand value while enabling analytics for digital lift and complying with FDA regulations
CHALLENGE: Democratizing data access while satisfying stringent corporate and legal requirements without compromising business processes
STEPS TO SUCCESS: Focusing on one sensitive data element as a priority and using tokenization to protect it without diminishing its value, which served as a blueprint to scale and expand security to other business systems
SOLUTION: Protegrity's Enterprise Security Administrator and Database and Big Data Protectors enable this organization to centrally control, audit and report access to sensitive information
BENEFITS: Compliant data democratization without compromise to analytical value or business continuity

3 GLOBAL RETAILER

A global nutrition corporation that develops, markets, and sells dietary supplement, weight management, sports nutrition, and personal care products needed to comply with PCI DSS Level 1 merchant compliance by securing 117MM sensitive customer payment card records in 400+ controls in a very short timeframe.

As a PCI DSS Level 1 merchant, the retailer must comply with the strictest regulations in the industry pertaining to the handling of sensitive payment card data. The retailer potentially faced a series of very large, escalating fines for noncompliance. The retailer needed an approach that would allow them to take as many environments as possible out of PCI DSS compliance audit scope, which would require removing PCI data from those systems.

The retailer chose Protegrity after evaluating performance, cost, and definitive peer references. Protegrity offered the most powerful and cost effective solution.

"There were more than 400 controls that could apply to over 117 million customer records stored, if we didn't reduce scope," said the retailer's Head of Global Information Security. That complexity would require weeks or months to complete each annual PCI DSS audit.

IMPACT: Little to no impact on existing systems
DEPLOYMENT: 2 days
VOLUME: 400 controls across 117 million customer records

"I've never been involved in a process of implementation that had so little negative impact on users. Protegrity's services team have been world class."

DRIVER: Compliance with PCI DSS
CHALLENGE: Reduce the scope of the PCI DSS audit dramatically across a large and complex IT estate
STEPS TO SUCCESS: Protegrity support and services teams worked closely with the retailer to ensure a rapid transition. Implementation took only 2 days to secure over 117 million customer records
SOLUTION: Protegrity Enterprise Security Administrator, Protection Server, Application Protector using vaultless tokenization
BENEFITS: Met PCI DSS compliance in a 2 day implementation and took infrastructure out of PCI audit scope. Provided centralised oversight and administration of secure data across the entire enterprise

4 UK RETAILER

A multinational, multi-brand, omnichannel retailer required the highest levels of data security to maintain and future-proof their brand's reputation, and cope with peak trading demands without any compromise to performance, analytics agility or user experience. This retailer had a requirement to comply with internal privacy policies, industry regulations and the GDPR throughout their enterprise and across multiple current and legacy systems.

The retailer chose Protegrity to protect sensitive information across the organization including Oracle, DB2, Mainframe and Teradata as well as intercepting online web forms filled in by customers at account creation.

Working closely with the client's internal team, Protegrity architected a solution that protected data in use, in transit and at rest. The solution was deployed at tactical points within the network to accommodate data being created by customers and employees at the earliest moment of its journey, thus minimizing the risk of data being available in its clear format. 20 years of legacy data residing within IBM mainframes and DB2 was also protected, as well as data stored in a Teradata warehouse, Microsoft SQL DB and Oracle.

Protegrity enabled analytics platforms to enhance retail decision making whilst maintaining mandatory high standards for data privacy, and also met an additional requirement to provide data protection methods that will enable transition to the Cloud in the future.

"Protegrity were the only organization able to respond to our need to protect a large number of environments within a relatively short timeline."

DRIVER: Compliance with internal and external regulations
CHALLENGE: Multiple different environments and short deadline for completion
STEPS TO SUCCESS: Architected the solution closely with the retailer's internal team and deployed protectors at tactical points within the network
SOLUTION: Protegrity's Enterprise Security Administrator, Database Protectors for Oracle, DB2, Mainframe and Teradata and Data Security Gateways
BENEFITS: Solution is highly scalable and will expand to enable the retailer to transition to the Cloud as well as enabling them to comply with critical regulations such as GDPR

5 US CONVENIENCE STORES

The second largest chain of company-owned and operated gasoline and convenience stores in the US needed to reduce the time and expense of complying with PCI DSS. For the large retailer, the process of complying with the Payment Card Industry Data Security Standard (PCI DSS) consumes a major slice of staff time and budget.

High transaction volumes and a very short window to handle payment settlement meant the system had to have very high throughput and scalable performance. Due to the legacy mainframe environment, the implementation also required little to no modification of systems.

Protegrity implemented a Vaultless Tokenization appliance in a staging environment outside the backend systems. The transaction information from the gas stations is sent securely to the Protegrity appliance and placed in an encrypted file. The secure file is parsed and Credit Card Number (CCN) data is tokenized prior to entering legacy business systems. After processing, the protected CCN data is de-tokenized by the appliance and transmitted to payment processors for settlement.

Tokens were designed to bleed through the first six digits of the CCN, to make them compatible with legacy systems and prevent the need for modifications.

IMPACT: None. PCI auditing process reduced from seven months to three. Cardholder data is now more secure
DEPLOYMENT: Tokenization took 90 minutes

"We planned on 30 days to tokenize our 50 million card numbers. With Protegrity Tokenization, the whole process took about 90 minutes."

DRIVER: Simplify PCI DSS compliance
CHALLENGE: Solution must have little to no impact on existing systems
STEPS TO SUCCESS: Deployment of the solution was non-intrusive as it did not require obtaining third-party modifications to code
SOLUTION: Protegrity tokenization using Enterprise Security Administrator and mainframe and file protector, Application protectors
BENEFITS: By segmenting cardholder data with tokenization, a regional chain of 1,500 local convenience stores is reducing its PCI audit from seven to three months

Protegrity was born of the need to deliver a new kind of data security that is equipped to meet the challenges of modern enterprises: security that protects the data itself everywhere it goes while enabling businesses the freedom to transform and innovate with their data. The right balance between sophisticated data analysis and risk management can be achieved. Neither needs to be sacrificed. Data today is more than power: it is the lifeblood of the organization and needs to flow to the right data owners in real time. If it can't be mined and manipulated at or near real time while still maintaining security and privacy, it's not delivering maximum value.

Protegrity Credentials

Organizations from every industry worldwide leverage our expertise and solutions to strengthen their security posture and simplify compliance with internal and regulatory data protection requirements. Our customers include:
More than 50 of Teradata's largest customers
The world's largest company and private employer
20% of all Global Fortune 500 Retail organizations
The most powerful transnational corporation globally
25% of Global 500 Financial Services Institutions
Europe's largest financial institutions
America's most trusted source for high-quality healthcare and service
One of the world's largest online retailers
The premier driver of air travel intelligence and commerce worldwide
Over 200 brands worldwide including public and private sector

CONTACT Protegrity

Email us at info@protegrity.com or contact us through our website www.protegrity.com/retail

Read more about how Protegrity can help your business.

[Thumbnails of related Protegrity executive and solution briefs: "The Changing Face of Retail: How Should Data Protection Keep Up?", "Retail transformation turns data risk into reward", "Safely delivering growth through better customer experience", "Future Retail"]

Copyright 2018 Protegrity Corporation. All rights reserved. Protegrity is a registered trademark of Protegrity Corporation. All other trademarks are the property of their respective owners. Teradata and the Teradata logo are registered trademarks of Teradata Corporation and/or its affiliates in the U.S. and worldwide.