Insurance – Customer Data
A Fortune 500 private mutual company offering property, casualty, auto , commercial , life, health, and homeowners insurance as well as investment and retirement-planning products with over $6 billion in revenue.
A major US insurance firm required detailed protection of its sensitive customer data collected from decades of doing business across the USA.
Virtually all aspects of individuals’ identities such as name, social security numbers, birthdays, health ratings and over 30 identifiers required detailed, item-level protection.
Access to the sensitive data had to be restricted to only those applications and individuals with a direct need due to the prevalence of the sensitive data throughout the firms systems.
Finally, due to the consolidation, protection needed to be adapted to be compatible with multiple data types and a variety of systems while still preserving the format of the data including database, files and applications in a variety of programming languages and the Pivotal Big Data platform.
The client and Protegrity implemented Vaultless Tokenization services locally to de-identify new and existing PII through various operational, financial and marketing systems.
Vaultless Tokenization ensured both compliance with internal requirements and within business analysis solutions. Tokenization was delivered as needed via node deployed, gateway and standalone appliance solutions.
Along with Vaultless Tokenization, centralized policy-based access controls were implemented with integration of existing role based access controls. This restricted access to re-identified data to authorized users and applications.
Requirements & Challenges
- Protect the data wherever it was stored or used
- Provide audit and evidence of its protection for internal and external review
- Maintain the format of the data to avoid significant changes to databases and applications
- Implement while the business was still conducting business
Results & Benefits
- Complete policy enforced de-identification of sensitive data across all corporate entities
- End-to-end data protection from geographically distributed entities to HQ
- Integration of key management with existing Hardware Security Modules
- All existing data secured at a fine-grained level
- Achieved targeted compliance with internal and external directives
- Achieved extremely high throughput of data, particularly in data warehouse and Big Data applications.