ENTERPRISE INFORMATION PROTECTION

In many industries, sensitive employee and consumer data is, by necessity, viewed by thousands of employees and outsourced workers every day. Banks, insurance companies, doctors and more require access to credit and health information, social security numbers, and addresses to provide the service and support that consumers expect. At the same time, those businesses must contend with hackers, unethical employees, and the protections required by demanding regulatory laws such as HIPAA, PCI, and PII.

One common method of enabling business processes while protecting sensitive information within new or legacy applications is data masking and redaction.  Through masking and redaction, employees, contractors, and outsourced workers see only the information necessary to perform their jobs.  For example, an employee might see only the last four digits of an account number instead of the whole thing. Enterprises around the world have applications that enable them to execute their daily business processes. Many of these applications were developed before the advent of privacy regulation laws and do not have any data masking or redaction capabilities. To achieve compliance, businesses are faced with the choice of rewriting legacy applications or creating new ones from scratch. Both methods can be prohibitively expensive and unacceptably disruptive to business processes.

Businesses need to ensure that application monitoring, logging, masking, and redaction capabilities are in place to protect their data and comply with current privacy regulations.  Few, however, have the money to spend on new or legacy application development. Verdasys Digital Guardian is the solution to this problem. Digital Guardian, Verdasys’ Enterprise Information Protection (EIP) platform, has the ability to work with any Web and 3270 application and track, monitor, log, and mask the information flowing through that application. Digital Guardian can automatically alert administrators to unauthorized activity and, using Digital Guardian’s forensics capabilities, can allow administrators to analyze everything from risk on an enterprise-wide scale down to the details of a single incident. In addition, DG can dynamically mask the data users are able to see based on their privilege level and a dynamic content analysis of the information presented. An authorized user might be allowed to see a full credit card number as 1111-1111-1111-1234, while an unauthorized user would see the same number as ****-****-****-1234.

• Dynamically manipulate how sensitive data is displayed on a user’s screen as it streams into a front end application (like a 3270 emulator or browser) from a mainframe or web server
• Policy based functionality that can automatically change based on the user’s authorization
• Premade ‘privacy compliance packs’ created together with dozens of world-class customers allows near-instant compliance with privacy laws
• Avoid disruption to valuable business processes
• Track, monitor, and mask data in use across legacy, client-server, and web applications in real time
• Full audit and forensics capabilities allow administrators to analyze risk and produce evidence as needed in litigation