Resources

Explore various Fasoo products by downloading and reading our collateral

Universal Bank Uses Fasoo to Detect PII and Meet Privacy Requirements

An international bank identifies and protects personally identifiable information (PII) and other sensitive data to meet internal security requirements, and privacy regulations and to satisfy regulators

Universal Bank Uses Fasoo to Detect PII and Meet Privacy Requirements
ico_use_case_company

Company

This global, full-service financial firm provides advisory, commercial banking, and investment services in over 50 countries. Its focus on digitalization and customer centricity delivers superior service and positions it to compete well in the global economy.

Challenges

In the course of business, the Company collects and manages personally identifiable information (PII) and other sensitive data from its customers, employees, partners, and general business operations. It needs to locate and classify this data, find out how it is being used, and protect it against loss, theft, or leakage. The Company must maintain control of this information and ensure employees, contractors, and suppliers do not share it with unauthorized companies or users, both inside and outside the bank. If the information is exposed, the Company will violate privacy regulations, face penalties from regulators, and lose customers as confidence erodes in the Company’s ability to protect sensitive data.

The Company had a large amount of unstructured data in file servers and in SharePoint that needed to be safeguarded against unauthorized access. The files were mainly Office, PDF, and images and were organized by departments or functions. The Company had an existing data classification schema defining public, confidential, and restricted, and who in the organization could access them. Certain types of documents required encryption and limited access, while others were just classified to alert users to potential risks. Department heads, security teams, and executives wanted to visualize the entire data access control structure, audit, and report on all aspects of data use.

Solutions

The Company implemented Fasoo Data Radar (FDR) to discover and classify sensitive files defined as nonpublic information (NPI) and bank-sensitive data. Using keywords and expressions to identify the files, the first step was to report the findings to department managers. Each manager decided on steps to classify, delete or archive them. Since FDR also identified obsolete and redundant files, this simplified the process. It also helped identify files that should not be kept on endpoints but should be stored in managed document repositories.

Once managers determine file disposition, they could choose to manually or automatically classify and encrypt files at endpoints or in specific shared folders. Certain departments chose to encrypt files as users added them to specific locations and granted access to predefined groups. Others allowed users to protect the files and assign user access and permissions manually. This allowed flexibility to meet different use cases for each department.

Fasoo Enterprise DRM enforced granular permissions to encrypted files that limited a user’s ability to view, edit, print, take a screen capture, or run a macro in the file. Some departments needed to remove the encryption to upload files to regulator portals or share them through secure collaboration channels. Users requested permission to decrypt these files from their managers in an easy-to-use workflow process. This allowed a full audit trail of actions and complete oversight to meet bank security and regulatory requirements.

FDR provided extensive reports so the bank could prove to regulators it identified and managed all NPI, per numerous privacy regulations. If auditors or regulators wanted to access sensitive files to validate claims, the Company could grant temporary View access to the encrypted files. A complete audit trail of file access showed a chain of custody for sensitive files in wealth management and other highly sensitive areas since these were common areas for insider threats and abuse.

ico_use_case_benefits

Benefits

The Fasoo solution meets security and privacy requirements to identify, classify, protect, and manage sensitive data. Auditors, department managers, and regulators can see file location, quantity, what information inside the file is sensitive, and who accessed the file. As users access classified and encrypted files, there is minimal impact on user productivity since users continue to access them using their existing Microsoft Office, image, video, and Adobe applications. Integrated security with existing identity and access management systems means that users do not need to change their daily routines for authentication. This is important for easy adoption and acceptance by employees and contractors.

A complete audit trail of document activities provides insight into file usage, including unauthorized access. The Fasoo solution met requirements to protect NPI and other sensitive data and ensure it can’t be accidentally or deliberately shared with unauthorized people. The Company can guarantee its customers and regulators that it protects any PII from unauthorized use.

Book a meeting