Data Classification for Finance and Insurance
Financial Services organisations deal with masses of PII every day at each and every level of the organisation. They deal with information that can build or destabilise a market, or even an entire economy.
It’s no great surprise therefore, that with the FCA and PRU (UK), and SEC and FINRA (US) governing the industry, compliance is complex. Regulations and legislation such as Sarbanes-Oxley (SOX), NYDFS, BS10010, MIFID II, GDPR, Basel II/III, PCI-DSS and ISO 27001are continually being updated, and penalties for non-compliance can be crippling.
Only by through controlling your data and understanding where it travels can you put safeguards and measures in place to ensure compliance requirements are being met.
Data Classification is the essential first step on the road to understanding, controlling and managing data within Financial Services and Insurance . With HANDD already representing 8 of the world’s 10 largest banks and 2 of the world’s top 5 investment organisations, who better to guide you in designing and implementing a successful data classification policy.
Find out how HANDD’s team of specialists can support you at any or every stage in implementing data classification in your organisation. Call +44 (0)8456 434 063 today.
We secure the entire journey of your data, from consultancy and technical design, right through to installation, training and support.
Challenge: Controlling data with vast user access
With over 4000 end users, an Insurance industry client came to HANDD for help. They needed to ensure policy details couldn’t be sent to unauthorised external parties by email. Using data classification, we identified and classified new documents containing policy numbers. Then we integrated the classification platform with the client’s Symantec DLP solution, enabling DLP to work more efficiently to ensure sensitive content only travels to cleared recipients.
Challenge: Managing compliance with large volumes of legacy data
With billions of records to sift through and strict compliance mandates, a global bank needed to get control over their legacy data. First, using a discovery tool HANDD helped them identify their sensitive data and discover where it was stored. Then, we labelled their data using Data Classification. This enabled them to apply protective measures efficiently to their most sensitive files for the first time.
Challenge: Ad-hoc application of protective measures
Staff typing SECURE into email subject lines to trigger downstream protection of sensitive data left plenty of scope for error. At this leading financial services organisation classification was inconsistent and ad-hoc. Security of delivery was unreliable. They contacted HANDD for help improving their classification processes. We implemented a Data Classification solution that would automatically classify emails. Integrating with a message gateway it prevents data falling into the wrong hands.