Thales e-Security's Vormetric Data Security Products help US Credit unions comply with The National Credit Union Administration's (NCUA) regulations and requirements
Regulation
Active now
The Federal Financial Institutions Examination Council (FFIEC) develops uniform reporting systems for federally supervised financial institutions, including credit unions. The Council helps credit unions prepare for NCUA audits and comply with federal mandates and standards, including those for data security.
Among these are:
According to FFIEC:
Financial institutions should have an effective process to administer access rights. The process should include:
FFIEC also notes:
In addition, FFIEC offers guidelines for security monitoring.
Financial institutions should gain assurance of the adequacy of their risk mitigation strategy and implementation by:
Vormetric’s Data Security Platform provides state of the art user access control.
Thales e-Security protects the data itself through Vormetric Transparent Encryption with integrated Key Management for data at rest, Application Encryption, Tokenization with Dynamic Masking and more. These techniques make the data meaningless and worthless without the tools to decrypt it.
Thales e-Security enables the credit union to monitor and identify extraordinary data access. Vormetric Security Intelligence provides detailed management logs that specify which processes and users have accessed protected data. The detailed management logs specify when users and processes accessed data, under which policies, and if access requests were allowed or denied. The management logs will even expose when a privileged user submits a command like 'switch users' in order to attempt to imitate, and potentially exploit, the credentials of another user.
Sharing these logs with a security information and event management (SIEM) platform helps uncover anomalous patterns in processes and user access, which can prompt further investigation. For example, an administrator or process may suddenly access much larger volumes of data than normal, or attempt to do an unauthorized download of files. These events could point to an APT attack or malicious insider activities.
This paper cuts through the confusion to help you pick the best encryption and tokenization options for your projects...
Frost and Sullivan analyst discusses why Thales e-Security was honored as the recipient of the prestigious 2015 Frost & Sullivan Innovation Award...
Mandate
Active now
Since June 5, 2014 federal agencies have been required to meet FedRAMP standards, ensuring they meet internal data security standards and extended security controls for cloud-computing.
Learn More Regulation
Active now
These regulations cover healthcare information in the US, HIPAA relates to protection; encryption, key management. etc and HITECH relates to disclosure of data breaches.
Learn More Regulation
Active now
United States Federal Law setting standards for a range of US companies, SOX Act sections 302 and 404 relate directly to data protection.
Learn More
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about.Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.
Thales e-Security is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales e-Security.Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly.Christian MuusDirector of Security for Teleperformance EMEA
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data.Audley Deansenior director of Information Security,
BMC Software
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs.David VargasInformation Security Architect
Cadence Design Systems
My concern with encryption was the overhead on user and application performance. With Thales e-Security, people have no idea it’s even running.Karl MudraCIO
Delta Dental of Missouri
The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place.Joseph Johnson,chief information security officer CHS
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We… Joe Majka,Chief Security Officer
