Global Retailer Guarantees Customer Privacy
A global retailer protects its customer’s personally identifiable information (PII) when purchasing products and services at stores
This global retailer is a leading provider of communication technology and services to consumers and businesses. It sells its products and services both online and in over 2300 retail locations across the United States.
As customers purchase products and services, they share sensitive financial and personal information with the company so it can process orders. The Company wanted to replace outdated fax workflows in its retail stores with a more efficient and secure scanning process to manage this sensitive data. Security policy mandates that customer information must be encrypted both in transit and at rest during these processes.
Executives wanted to ensure that customer information was only accessible by authorized users and that no sensitive information could be deliberately or accidentally shared with unauthorized people. File access and permission controls were needed to limit what an authorized user could do when the file was open. For example, Managers should be able to Print documents, while Call Center personnel should only be allowed to View them.
The Company implemented Fasoo EDRM to encrypt files with PII and automatically assign permissions as they were scanned at retail locations. Security policies control user access to the files and can limit the ability to View, Edit, Print or take a Screen Capture. This met requirements to protect and control sensitive customer information at all times, regardless of location or who was accessing it. Security is dynamic so as user roles change, file permissions are automatically adjusted. The HR department manages personnel so as employees change jobs, leave the organization or new staff is hired, HR updates roles and responsibilities inside the HR system. The Fasoo permissions are adjusted automatically to meet the updated roles defined in the HR system through dynamic group membership in Microsoft Active Directory. Select personnel can remove protection for files that are no longer sensitive or Revoke access for those files no longer needed.
The Fasoo security solution meets strict security requirements to protect all sensitive customer information, whether at rest, in transit or in use. The Company can guarantee its customers and regulators that it protects any PII from unauthorized access. By streamlining the existing business process and controlling file access to sensitive data, the Company not only reduced its risk, but also saved time and money.
Another key benefit was minimal impact to user productivity, since users of encrypted documents continue to access them using existing office applications, such as Microsoft Office and Adobe Reader. Integrated security with existing identity and access management systems means that users do not need to change their daily routines for authentication. This is important in a retail environment that can have high employee turnover.