A major European airline that handles internal and external customer information, including payment and transaction data subject to PCI DSS compliance.
A major European airline needed to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS).
This meant protecting the Teradata Enterprise Data Warehouse (EDW) and the UNIX file servers that load and unload the data from external systems.
The security solution also had to be scalable and transparent to authorized users. Also, wherever possible, the solution should not require changes to functional processes.
And finally, the airline required a separation of duties, to isolate data security administration to their security team.
Protegrity implemented File Protectors on the incoming and outgoing UNIX file servers to encrypt/decrypt all data at the file system level.
An authorized and signed ETL tool was augmented with Protegrity software to enable transparent read access by the tool and encryption of individual columns of payment card data before loading into the EDW.
Protegrity Database Protector for Teradata was installed in the Teradata EDW to encrypt/decrypt sensitive data at the column level within the ecosystem.
The solution also included the Enterprise Security Administrator, which provides a separation of duties, allows the security team to restrict access to sensitive data to certain authorized users and processes, and defines alerts and auditing on the entire data security system.