Data security success at financial institutions around the world

Financial institutions around the globe must comply with a growing list of increasingly more stringent regulations. In today’s world of digital transactions and personal data privacy, data protection has become a key component of new compliance directives. Since 2005, organizations, including many Fortune 500 financial institutions, have been using Fortra’s Data Classification Suite (DCS) to meet regulatory compliance requirements by identifying and securing data on the desktop, on mobile devices and in the cloud. This solution brief highlights key DCS use cases and the successes that financial institutions have seen.

Common benefits and use cases around the world

North America

In North America, multiple Fortune Global 500 and Fortune 500 banks make use of DCS solutions. Deployments range from 8,000 to 70,000 users.

Ensure compliance with privacy regulations.

How DCS helps banks achieve this: When a customer chooses to unsubscribe from a mailing list, the bank uses DCS to identify that recipient and alert bank employees who try to send emails to the recipient.

Protect new macro-generated documents.

How DCS helps banks achieve this: When an automated process creates a file, DCS automatically assigns a classification, visual markings and protection to the file as it is created.

Prevent accidental (or intentional) sharing of sensitive data externally.

How DCS helps banks achieve this: DCS performs recipient checking for external addresses, incorporating a list of safe domains and allowing for the encryption of the sender’s email contents downstream via the use of X-headers. Encryption options vary based on parameters such as the sender’s group membership properties and so on. DCS also performs attachment checking to auto-upgrade the classification based on the content, searching for keywords such as “Internal Use Only” or for Social Security numbers.

Europe

In Europe, multiple Fortune Global 500 banks and insurance providers use DCS solutions. Deployments range from 70,000 to 110,000 users.

Identify data with personal information in order to comply with the General Data Protection Regulation (GDPR).

How DCS helps banks achieve this: With GDPR now in effect, it is crucial when new data is created that organizations classify it accordingly if it contains any personal data. DCS provides users with suggested classifications based on the content identified in a DCS policy. Banks can also configure the solution to perform an auto-classification, essentially eliminating the burden on the end user.

Impact end user behavior as it relates to sensitive data.

How DCS helps banks achieve this: DCS provides sensitive document labeling as a key component of an encryption policy for a specific group of users for sending confidential emails. The sender and the receiver immediately understand the sensitive nature of the email contents because of the labeling. In addition, content validation enables banks to check documents and email messages for specific sensitive information, such as National Insurance numbers and credit card numbers. Content validation can also replace the sensitive data it finds through remediation or redaction

Asia Pacific

In the Asia Pacific region, several Fortune Global 500 banks use DCS solutions. Deployments range from 5,000 to just under 70,000 users.

Impact end user behavior as it relates to sensitive data.

How DCS helps banks achieve this: DCS solutions help banks perform recipient checking for external email addresses, along with attachment checking.

Enhance performance of a data loss prevention (DLP) solution.

How DCS helps banks achieve this: DCS solutions help banks perform content scanning. Banks can also integrate DCS with their DLP solution for message attachments. DCS will communicate with downstream DLP through X-headers, including document and email visual markings, set up as headers or footers.

Maintain ethical walls between different parts of the bank.

How DCS helps banks achieve this: DCS solutions use information segregation to automatically apply classifications based on the user’s role in the organization. Organizations can manage settings from one administration console so that different users get different configurations.