CAMBRIDGE, Mass. — As the saying implies, "walking the walk" is far more convincing than simply proclaiming such a necessity.
So when Scott Mackelprang, vice president of security and compliance at Digital Insight, began not only touting but also executing increased security measures, the credit union sector took notice.
According to Cambridge-based Forrester Research, Digital Insight (DI)–acquired by Intuit in February–remains the largest on-demand provider of online banking services in the United States, with more than 2,000 credit unions and banks as clients.
Recommended For You
A Forrester case study of DI defenses notes that consumers can manage finances, apply for loans, pay bills, view statements, order checks and transfer loans online through the company's proprietary system.
The more robust a system, however, the greater the security challenges to defend it. Perhaps not surprisingly, then, California-based Digital Insight was an early adopter of information leak prevention technologies (ILP) plus a comprehensive suite of security solutions–which the company calls "Deep Defense"–aimed at prevention, detection, correction and reporting of security threats for its clients.
"Deep Defense," according to Mackelprang, can best be described as a series of interconnected–and fiscally sound–security steps capable of adoption by any financial institution, says the Forrester report authored by analyst Thomas Raschke.
The initial step calls for recognizing and addressing the dangers of at-rest data. In specific, protecting such information following employee non-compliance and/or internal security holes.
These dangers must be supplemented by regular monitoring of data transmission across a network; sensitive data cannot be allowed to leave a company's digital confines. Particular emphasis, says Mackelprang, should be placed on e-mails containing sensitive content and on portable storage devices, such as USB sticks, CD/DVD burners and iPods.
In turn, high attention creates high levels of data accuracy and classification. Raschke says Mackelprang credits accurate data classification with increased scalability, performance and cost-savings for DI. These assets, the Forrester report says, empower "Deep Defense" to scan terabytes of data across thousands of computers in record time — including infrequently connected systems and laptops.
Perhaps even more importantly, timely, systematic analyses spot information leakages before they evolve into data floodgates, Forrester says. Finally, accurate data classification likewise empowers creation of a centralized management function needed to maintain an IT system. No small feat for multi-site settings consisting of hundreds of users, the think firm says in its report.
"Deep Defense" practices, says Mackelprang, also are powerful allies in reporting and regulatory compliance. Strong ILP security procedures demonstrate a tangible commitment to such matters. Classifying data according to sensitivity plus an emphasis on prevention through awareness programs and training are ideal places to start, the Forrester report says in its analysis of DI's practices.
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more inforrmation visit Asset & Logo Licensing.
