High Value Targets in the Digital Economy
As more transactions move online, financial services companies have accrued valuable data that have become prime targets for hackers and thieves. Charged with managing large enterprise infrastructure and subject to targeted campaigns and persistent threat actors, banks and other financial institutions are under attack. This has led to a rise in costly data breaches as well as the creation and tighter enforcement of data security and privacy regulations.
Several regulations such as GLBA, SOX, GDPR and PCI-DSS require some form of encryption, data access controls and/or breach notification requirements that add to the complexity of holding and processing sensitive data and enforce significant penalties for non-compliance. As the mixed use of on-premise and cloud IT infrastructure along with rapidly evolving applications using multiple database platforms increases, tracking and protecting data becomes an even bigger challenge for the industry.
Secure Compute provides encryption capability that utilizes AES-256 strong encryption with customer-owned keys and allows operations on encrypted data without any application modifications or breakage.
Dynamic Access Control
Users are often over-provisioned to data (e.g. see the latest data leak headline) in app environments. Dynamic Access Control cryptographically enforces control at the record level to prevent overexposure of data to end-users.
Record Access Monitoring
Determining who is accessing which records with what frequency is a key capability to ensure compliance with data classification and regulatory policies. Record Access Monitoring tracks access to data at the record level and enables anomalous access triggers.
This approach virtually eliminates the risk of a data breach due to compromised DBA or admin credentials.