Industry

We Help You Become Compliant

Camouflage has been masking data for some of the largest organizations globally since 2004. We work with large Fortune 500 companies, as well as small and medium-sized businesses in numerous industry verticals. Camouflage’s data masking solutions are quick to deploy and can be up and running on most networks in less than a week.

  • Financial Services
  • Health Insurance
  • Health Care
  • Insurance
  • Education
  • Aerospace
  • Retail
  • Government
 

Service Descriptions

Financial Services

Compliance requirements within the financial services sector come from many different sources: PCI DSS, GLBA, SOX, and requirements on SSNs and other national identifiers. Every organizational privacy policy claims to safeguard customer information, yet many companies risk sanctions by not protecting this information during application development and testing. Section 501 of GLBA requires financial institutions to “protect against any anticipated threats or hazards to the security [of customer information]”. Similarly, for organizations that handle credit card numbers, PCI DSS requirement 6.3.4 is very clear: “production data are not [to be] used for testing or development”.

Health Insurance

Compliance requirements within the health insurance sector are a blend of those found in the financial services and health care sectors; in particular, HIPAA, GLBA, and the PCI DSS apply. Compliance with Section 306 of the HIPAA Security Rule requires covered entities to “protect against any reasonably anticipated threats or hazards to the security or integrity [of electronic PHI].”

Health Care

With HIPAA enforcement on the rise, and new penalties introduced through the HITECH Act, protecting electronic PHI in non-production environments is becoming increasingly important. Compliance with Section 306 of the HIPAA Security Rule requires covered entities to “protect against any reasonably anticipated threats or hazards to the security or integrity [of electronic PHI].”

Retail

Information security within the retail sector involves a variety of considerations: credit card and other payment information, human resources information, and personal information associated with customers and affinity. Every organizational privacy policy claims to safeguard customer information, yet many companies do not protect this information during application development and testing. For organizations handling credit card numbers, PCI DSS requirement 6.3.4 is very clear: “production data are not [to be] used for testing or development”. The most appropriate way to protect against inside theft by developers and testers is to use data masking to create realistic data for use in these non-production environments.

Insurance

Compliance requirements within the insurance sector come from many different sources: PCI DSS, GLBA, SOX, and requirements on SSNs and other national identifiers. Every organizational privacy policy claims to safeguard customer information, yet many companies put themselves at risk by not protecting this information during application development and testing.

Education

Trust is fundamental to the relationship between student and educational institution – the student gives personal and financial information to the educational institution, trusting that this information will be secured. Information security within the education sector involves a variety of considerations: SSNs and other national identifiers, credit card and other payment information, personal information in student and employee records, and information belonging to minors.

Aerospace

Information security compliance within the aerospace and defense industry involves both human resources and national security considerations – and sometimes these considerations overlap. In order to outsource application development, organizations must be careful not to disclose SSNs and other national identifiers. To comply with ITAR regulations, information about defense assets cannot be shared with other countries. The most appropriate way to protect against inside theft by developers and testers is to use data masking to create realistic data for use in these non-production environments.

Government

Government organizations possess and maintain vast amounts of personal information, including addresses, tax information, national identifiers, and birth records. Governments all over the globe are held accountable by privacy legislation: the US Privacy Act, the EU Data Protection Directive, the Privacy Act in Canada and Australia… and the list goes on. The most appropriate way to protect against inside theft is to use data masking to create realistic data for use in these non-production environments.