Products
Why Protegrity Prime Our unique data security technologies are built for today's data-driven businesses. Learn More
Data Discovery Uncover where sensitive data resides
Data Management Control every corner of the enterprise
Data Protectors Protection beyond platforms
Professional Services Security experts for every need
Security Gateways Data security that goes with the data
Vaultless Tokenization Go beyond encryption
Contact Us

Insurance Case Study

Customer Data

Company Overview

A Fortune 500 private mutual company offering property, casualty, auto , commercial , life, health, and homeowners insurance as well as investment and retirement-planning products with over $6 billion in revenue.

city-stock

Business Problem

A major US insurance firm required detailed protection of its sensitive customer data collected from decades of doing business across the USA. Virtually all aspects of individuals’ identities such as name, social security numbers, birthdays, health ratings and over 30 identifiers required detailed, item-level protection.

Access to the sensitive data had to be restricted to only those applications and individuals with a direct need due to the prevalence of the sensitive data throughout the firms systems.

Finally, due to the consolidation, protection needed to be adapted to be compatible with multiple data types and a variety of systems while still preserving the format of the data including database, files and applications in a variety of programming languages and the Pivotal Big Data platform.

Requirements and Challenges

Provide audit and evidence of its protection for internal and external review
Maintain the format of the data to avoid significant changes to databases and applications
Implement while the business was still conducting business
code-image (1)

Protegrity Solution

The client and Protegrity implemented Vaultless Tokenization services locally to de-identify new and existing PII through various operational, financial and marketing systems.

Vaultless Tokenization ensured both compliance with internal requirements and within business analysis solutions. Tokenization was delivered as needed via node deployed, gateway and standalone appliance solutions.

Along with Vaultless Tokenization, centralized policy-based access controls were implemented with integration of existing role based access controls. This restricted access to re-identified data to authorized users and applications.

Results & Benefits

Complete policy enforced de-identification of sensitive data across all corporate entities
End-to-end data protection from geographically distributed entities to HQ
Integration of key management with existing Hardware Security Modules
Achieved targeted compliance with internal and external directives
All existing data secured at a fine-grained level
Achieved extremely high throughput of data, particularly in data warehouse and Big Data applications.