Few companies want to secure and protect their customers' data more than financial services firms. One security breach can irreparably damage customers' trust. Laws such as the California database-breach disclosure law, known as SB 1386, which requires customer notification when certain types of financial information are disclosed unless they're encrypted, are giving companies new reasons to lock down customer data further.
Union Bank of California (a subsidiary of San Francisco-based UnionBanCal Corp., $46.1 billion in total assets) has done a good job with security, including thwarting network, denial-of-service and other types of attacks, says Bob Justus, senior vice president of corporate information security and IS/IT contingency. But it's not stopping there. "Now we're improving security throughout the full business application process," he says. Union Bank is installing Ingrian Networks' (Redwood City, Calif.) DataSecure Platform to bolster encryption and better protect data such as Social Security numbers and financial information stored in applications, databases and storage systems.
Key Management Key Tool
Justus says he was looking for a centralized platform that includes more granular encryption, key management that supports federal encryption standards and common digital-certificate-management functions such as access logging and auditing.
One of the biggest problems with using the encryption tools that come with applications and databases is key management, Justus says. With most applications, the keys used to encrypt and decrypt the data need to be stored on the same server as the application. If the system is circumvented in some way, the keys are there and available to the attacker, and "you don't get the full value from the encryption," he says. Ingrian Networks' key-management technology doesn't require the keys to be stored locally, Justus says.
Increased pressure to encrypt data will be "one of the biggest security challenges" over the next three years, says Pete Lindstrom, research director at research firm Spire Security (Malvern, Pa.). "You're talking about obfuscating data, and that can make data very difficult to manage," he says.
Ingrian Networks also adds protection against the next software vulnerability. "There always seems to be some new vulnerability issue coming up. You patch and do the best that you can, but there's always the concern of a new zero-day attack," Union Bank of California's Justus says.
Pricing for the DataSecure Platform starts at $32,500.
This article, written by George V. Hulme, originally appeared in InformationWeek, a sibling publication of Bank Systems & Technology.