
The financial services industry faces increased pressure to implement strong processes and technology solutions to ensure compliance and the safety of critical assets. The risks associated with a data breach in this industry can be devastating, regardless of whether it is due to a simple mistake or a stolen endpoint device such as a laptop. The impact goes beyond fines and lost revenue, negatively affecting your organization’s brand identity and equity, and your customers’ trust.
Today’s regulatory requirements affect small credit unions and large multinationals alike. All of them have to protect customers’ and employees’ personal information, and all of them must protect customer data to stay competitive.
Companies in the financial services industry are now being required to ‘prove’ adequate oversight of service providers, for example by obtaining a SAS 70 review, in order to comply with the Gramm-Leach-Bliley Act (GLBA), SOX, PCI requirements, and more.
Compliance drivers:
Regulatory security initiatives such as Sarbanes-Oxley (SOX), HIPAA, PCI, FISMA, and the UK Data Protection Act (DPA) require organizations to maintain ongoing visibility into endpoint activity. In today’s sensitive regulatory climate, organizations are expected to demonstrate a comprehensive data protection strategy and an understanding of all data transfer activities.
Key challenges:
Despite the clear and present danger of data leakage and loss, implementing effective endpoint data protection remains an uphill battle for most organizations. Securing endpoints without impacting employee productivity and system performance demands a highly flexible solution that takes into account the dynamics of real-world work environments.
Many end users view external devices and outbound communications as personal, and view encryption of any kind as a headache - often balking at and circumventing imposed security measures. As a result, today’s data protection solutions need to be transparent without compromising the data security within an organization. All possible endpoint data leakage avenues must be managed with powerful, enforceable, tamper-proof security.
Endpoint data can exit organization boundaries in any number of ways: it can be carried away on an unencrypted storage device, stolen with the laptop it is stored on, or mistakenly sent to unauthorized email recipients. As the workforce continues to rely on and expand its use of mobile devices (i.e. smartphones and laptops), the opportunity for leakage of sensitive information increases.
The most common tools implemented by organizations are already considered mainstream, or even a must: encryption of removable storage, and control of ports and devices, so that only encrypted devices are used, and only by authorized persons. In addition, hard disk encryption is also quite common. Both are covered by Safend’s data protection suite.
However, let’s explore a real-life example: a business executive using his laptop in an airport lounge is communicating via Skype with his family and his child’s soccer team coach. He accidentally attaches a customer list instead of the soccer team register for the next match. An effective data protection system will warn and block the transfer. This type of accident is fairly common. A recent report from the Ponemon Institute suggests that the most common breaches (64%) occur from company insiders. In the January 2009 study, they found more than 88% of all cases involved insider negligence.
How can encryption and DLP solutions lower this statistic?
A comprehensive solution can be helpful in a number of ways. First, it can help organizations identify sources of unsecured sensitive data. For example, advanced discovery tools are capable of quickly locating sensitive data no matter where it resides on a system. Several of our customers have been shocked to learn that their sensitive data resides on endpoints that they were unaware of. Second, an effective data protection and leakage prevention system comes bundled with extensive ready-to-use templates containing policies that “out of the box” will provide effective protection and encryption with little to no user intervention. The more automatic and transparent the system is, the better.
Since the majority of leaks occur from an employee’s lack of awareness, educating users is a top priority. Education may occur in the traditional sense; however, a data protection system that includes sophisticated dialog prompts provides “on the job training” in compliance and security policies. This unanticipated side benefit can both prevent a breach and train users. If an employee is about to send sensitive data unknowingly, he might be notified through a prompt such as the one found below:

An effective endpoint security program must address the entire range of risks in order to properly protect organization data.
With more than 2,000 customers worldwide and over 2.6 million licenses sold, Safend’s solutions are deployed by multinational enterprises, government agencies and small to mid-size companies across the globe. To overcome often complex, costly processes, Safend can empower your financial services organization to centralize and quickly deliver the detailed information required to ‘Prove’ compliance with the complete range of regulations facing the Financial Services industry.