Products
Why Protegrity Prime Our unique data security technologies are built for today's data-driven businesses. Learn More
Data Discovery Uncover where sensitive data resides
Data Management Control every corner of the enterprise
Data Protectors Protection beyond platforms
Professional Services Security experts for every need
Security Gateways Data security that goes with the data
Vaultless Tokenization Go beyond encryption
Contact Us

Airline Case Study

PCI DSS Compliance

Company Overview

A major European airline that handles internal and external customer information, including payment and transaction data subject to PCI DSS compliance.

crowd-walking-700

Business Problem

A major European airline needed to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS).

This meant protecting the Teradata Enterprise Data Warehouse (EDW) and the UNIX file servers that load and unload the data from external systems.

The security solution also had to be scalable and transparent to authorized users. Also, wherever possible, the solution should not require changes to functional processes.

And finally, the airline required a separation of duties, to isolate data security administration to their security team.

Requirements and Challenges

Protect payment card data according to PCI DSS requirements
Secure flat files at rest in file servers that handle incoming/outgoing sensitive data
Secure data at the column level, including existing data, within the Teradata ecosystem

Adopt a high-performance scheme to keep up with high-transaction Teradata system
Cause no more than a 3% reduction in overall performance
Institute separation of duties
code-image (1)

Protegrity Solution

Protegrity implemented File Protectors on the incoming and outgoing UNIX file servers to encrypt/decrypt all data at the file system level.

An authorized and signed ETL tool was augmented with Protegrity software to enable transparent read access by the tool and encryption of individual columns of payment card data before loading into the EDW.

Protegrity Database Protector for Teradata was installed in the Teradata EDW to encrypt/decrypt sensitive data at the column level within the ecosystem.

The solution also included the Enterprise Security Administrator, which provides a separation of duties, allows the security team to restrict access to sensitive data to certain authorized users and processes, and defines alerts and auditing on the entire data security system.

Results & Benefits

Achieved PCI compliance according to PCI DSS guidelines
Minimal reduction in system performance, well under the 3% requirement
Files encrypted at rest on incoming and outgoing file servers
Separation of duties implemented with the data security policy
Data encrypted at the column level in the Teradata EDW
Negligible changes to functional processes