Customer information is the lifeblood of every financial services organization.
Vast amounts of data are collected to understand every aspect of a customer: the strength of their credit, where they live, and what their spending and borrowing practices are. To process and analyze this data, hundreds of applications and databases are required. Testing these applications with real data compromises information security by risking theft from insiders; yet, realistic data is required to ensure these applications function properly. Using Camouflage to create realistic data for use in these non-production environments is the solution.
Compliance requirements within the financial services sector come from many different sources: PCI DSS, GLBA, SOX, and requirements on SSNs and other national identifiers. Every organizational privacy policy claims to safeguard customer information, yet many companies risk sanctions for deceptive trade practices by not protecting this information during application development and testing.
Section 501 of GLBA requires financial institutions to “protect against any anticipated threats or hazards to the security [of customer information]". As such, they are obliged to protect against data theft by developers and testers during application development and testing. And for organizations that handle credit card numbers, PCI DSS requirement 6.3.4 is very clear: “production data are not [to be] used for testing or development”. The most appropriate way to protect against inside theft by developers and testers is to use data masking to create realistic data for use in these non-production environments.
The information security practices of financial services organizations have a strong impact on customer confidence, and, in turn, their willingness to do business. Financial services data breaches cost millions in fines, lawsuits, brand damage, and customer loss – not to mention a drop in share prices. No C-level officer wants to be affiliated with these sorts of losses, and no information security manager wants to try to find another job in these tough economic times.
Using Camouflage to create realistic data will protect against data theft.Eliminate the use of credit card numbers in testing and development
- Create and test systems to process customer transactions and manage customer data.
- Create data for analysis while limiting access by “need-to-know”
- Test system interoperability.
- Facilitate data sharing by using Camouflage mask account numbers.
Discover, Analyze, Subset and Mask your sensitive data all within one powerful suite of integrated products.
Contact us for more information or to arrange a tailored demo today.
