Company Background

Our client is a leading provider of core processing services for financial institutions, card issuer and transaction processing, and related information products and solutions. It maintains a strong global presence, processing massive amounts of data daily for more than 9,000 financial institutions in over 80 countries, as well as processing more than 50 percent of mortgages in the United States.

In addition to processing a tremendous volume of information, the nature of customer data that travels between the data processor and its business partner network of banks, insurance companies, law firms, and mortgage brokers is highly sensitive. In the exchange, data is transferred daily via FTP or copied to CD/tape from UNIX® servers and mainframes.

Challenges and Requirements

Given the volume and complexity of its data exchanges, the company needed to find a practical data encryption solution – one that would strongly secure data outside of its perimeter. As summarized by the company’s Chief Technology Officer, “Protecting consumer data from theft or exposure is an extremely high priority for us, and our customers look to us for leadership in implementing solutions to prevent identify theft.”

The organization wanted assurances that sensitive information would be protected from theft, loss, or misuse while in transit and at rest. With the ever-present risk of lost backup tapes and data theft, partners were relying on the financial technology provider to find a security solution applicable throughout the data exchange and storage process.

The company itself had a vested interest in securing its partners’ processes, as the data processor’s name was the brand prominently associated with the data exchange. However, security is inextricably bound to productivity. The challenge facing the firm was to find a practical solution that would operate compatibly with its infrastructure and assimilate easily into its partners’ processing environments.

Competitive Landscape

The company conducted an in-depth search, evaluating PGP®, MegaCryption, and SecureZIP PartnerLink™, a deployment of PKWARE’s SecureZIP® solution that’s designed specifically for data exchange with business partners. Among the contenders, SecureZIP PartnerLink was the only solution that could satisfy the organization’s compatibility requirements.

Strength. The solution leverages X.509 digital certificates, not just passphrases, for more robust data security. It also leverages the industry-leading BSAFE® cryptographic libraries from RSA Security® to provide cutting-edge, strong encryption.

Adaptability. SecureZIP PartnerLink also easily overcomes barriers of implementing wide-scale data security outside the enterprise. The application is based on the widely adopted and completely interoperable ZIP standard, a cross-platform solution. ZIP works seamlessly with all major computing platforms, including Windows® desktop, UNIX/Linux®/Windows® servers, and IBM® i5/OS® midrange and z/OS® mainframe systems.

“Our partners can, and do, operate a wide variety of platforms, both on the desktop and in the data center. With SecureZIP PartnerLink, I don’t have to worry about compatibility issues, which is a huge plus,” the CTO stated.

Practicality. SecureZIP PartnerLink can become operational in hours, rather than weeks or months. As a solution, it lives up to SecureZIP’s reputation for radically reducing implementation and operational risk and cost commonly associated with other data security solutions.

“We conducted an extensive evaluation of many alternative security solutions before deciding on SecureZIP PartnerLink. It clearly provided the lowest risk, highest performance, and easiest integration and support options for our existing infrastructure,” explained the CTO.

The Solution – SecureZIP PartnerLink

Traditionally, data security professionals within the enterprise have been unable to control the IT environments of business partners in data exchange. SecureZIP PartnerLink solves this problem. Enterprises become sponsors that distribute the software at no cost to partners. In addition, partners are not burdened with the task of implementing security management. SecureZIP’s policy management enables the sponsor to set security protocols, so that they are automatically and effortlessly enforced.

In short, the design of SecureZIP PartnerLink enables the sponsor to assume control of the data exchange process and protect its reputation in the marketplace. At the same time, SecureZIP PartnerLink respects the interests of partners, enabling all parties involved to work with independence.

The solution also protects the sponsor’s investment. As a SecureZIP PartnerLink sponsor, the financial technology provider can encrypt and send files to all its partners; they, in turn, can return encrypted files back to the processor. However, its partners cannot encrypt and send files to other endpoints.

The company’s security measures have received an enthusiastic response from its business partners. “With the volume of sensitive data we host, identity theft is a serious concern. We’ve taken care to build a world-class data center that passes the most rigorous audit groups, such as the FDIC and FFIEC,” the CTO said. “With all the reports circulating about other companies losing tapes with unencrypted data, our reputation as a market leader really sets us apart. We’re proud to be raising the bar on data security with SecureZIP PartnerLink. In today’s business environment, it’s really just common sense.”