Company Background
Our client is one of the world’s largest financial services companies, providing individual consum­ers, small and medium businesses, and large corporations a full range of banking, investment, asset management, and other financial products and services. The company serves clients in more than 150 countries.

Challenges and Requirements
Our client has customers around the world in a variety of different industries; they strive to satisfy their needs and maintain exceptional customer service. For many of their large corporate clients, the bank offers electronic payments networks so that clients can send a single file with billing infor­mation, including recipients and amounts of various payments. Once received, the bank processes the file and makes payments to the various contacts on the list. The majority of payments are handled electronically (ACH), although some are made via physical checks.

One particular client, a leading Internet media technology company, has thousands of royalties that need to be paid out on a monthly basis. These payments range in dollar amount and are sent to re­cipients around the world. The bank’s client had recently performed an internal audit, determining that all sensitive data that resided on their network (or that was shipped to outside vendors) must be encrypted, both when at rest and in transit. The client’s internal Risk Assessment Group wanted to ensure that, as a leader within their industry, they preserved their brand integrity and avoided any negative publicity that could affect the brand as a result of a data breach.

Competitive Landscape
As a result of their internal policy changes, the bank’s client stated that they needed to send an encrypted PGP file to the bank for processing. The bank, a long-time PKWARE® customer, informed their client that they would prefer to receive SecureZIP-encrypted files, as the solution had proven to be flexible, easy to implement, and cost-effective.

The Solution – SecureZIP Server Enterprise Edition
This was the first time the bank had received a request from one of its clients to encrypt informa­tion itself, rather than just transmitting information via a secure connection. The previous process for file exchange and transfer involved a server application creating a payment file biweekly that contained names, addresses, and amounts to be paid to each of the client’s recipients. The file was then transmitted via secure FTP to the bank where it was processed and payments were made to the recipients on the list.

As a result of the client’s recent internal policy changes, the files needed to be encrypted first and then sent to the bank, where they would be decrypted and payments would be processed. Both the bank and their client saw the value in implementing SecureZIP Server Enterprise Edition. Using SecureZIP, files are encrypted on the originating HP-UX® UNIX® machine and can then be sent via any transport method (including portable media) to the bank where the file is easily decrypted and payments can be processed. Because the information itself is encrypted, it cannot be accessed when at rest at either the point of origin or destination; and it remains protected during transit, even if the information is intercepted or lost.

Using SecureZIP Server Enterprise Edition, the bank was able to quickly address and solve a crit­ical business problem with an important client. In the future, additional business units within the bank can look to SecureZIP to not only address data security needs and requirements, but to further enhance customer service and their relationships with clients and business partners.