A top 10 European bank with full-service offerings, including corporate and institutional banking, retail and private banking, life and pension products and over 10 million customers.
Internal policy was put in place that required the Common Data Warehouse (CDW) team to implement a data-centric security solution to prevent unauthorized users from accessing sensitive production data in test/development systems.
Sensitive data needed to be protected – at rest, in transit and at use – but locking down all the data was not an option. The IT team needed to leverage production data in internal test environments as they developed new programs and systems but they did not need to see the data in the clear.
The new data governance policies required that the technologists, such as DBAs, programmers, or system engineers, could not access the sensitive customer data in the clear or grant sensitive data access to others.
Fine-grained data tokenization was applied to key data elements that allowed the IT team to leverage the data in a protected form. The test environment remains full-functioning but unauthorized users are unable to access or grant access rights to sensitive data in the clear.
Critical to the success of the solution, Protegrity also enabled the CISO to determine and specify what data is to be protected, where it is to be enforced, who will have access and when and how the data will be protected.
Enterprise key management (EKM) capabilities are integrated into the platform and provide an easy-to-use system for managing keys. Built-in comprehensive auditing and reporting provides the insight needed to track usage and patterns.