Thales e-Security's Vormetric Data Security Platform provides solutions for Gramm Leach Bliley Act (GLBA) compliance
Regulation
Active now
Also known as the Financial Services Modernization Act, the GLBA applies to U.S financial institutions and governs the secure handling of non-public personal information including financial records and other personal information.
Thales eSecurity provides solutions for Gramm-Leach-Biley Act (GLBA) through:
Section 501(b) of the Gramm-Leach-Bliley Act requires financial institutions to protect the security, confidentiality and integrity of non-public customer information through “administrative, technical and physical safeguards”. The Gramm-Leach-Bliley Act also requires each financial institution to implement a comprehensive written information security program that includes administrative, technical and physical safeguards appropriate to the size, complexity and scope of activities of the institution. These include:
For organizations affected by the standard, these Gramm-Leach-Bliley privacy regulations, combined with referenced requirements under the Federal Deposit Insurance Act – section 36, result in the need to:
Thales e-Security provides key portions of the solution to these compliance problems including security controls that enable organizations to safeguard and audit the integrity of customer records and information against a broad range of threats. Thales e-Security supports these activities across widespread heterogeneous infrastructures that include virtualized environments, cloud and big data implementations as well as within traditional data centers. This single platform solution to multiple data protection needs helps organizations meet compliance requirements with low TCO and an easy-to-deploy, centrally managed infrastructure and solution set.
The combination of encryption, integrated key management and access controls meets the needs for creating and maintaining access controls to customer records and information. Only authorized personnel and programs see decrypted information, while all others have no access to the data. Security intelligence information from Thales e-Security details who accesses data, leaving a clear audit trail, and enables extended security controls warranted by today’s threat environment for recognizing compromised accounts when combined with a SIEM or Big Data for Security implementation.
Vormetric Transparent Encryption from Thales e-Security provides file and volume level data-at-rest encryption and integrated, secure key management with a best practices implementation. Access controls and data access monitoring information extend protection by limiting data access to only personnel and programs authorized to do so, and provide the security intelligence information required to identify accounts that may represent a threat because of a malicious insider, or a compromise of account credentials by malware.
Vormetric Application Encryption from Thales e-Security adds another layer of protection, enabling organizations to easily build encryption capabilities into internal applications at the field and column level.
Vormetric Key Management from Thales e-Security enables centralized management of encryption keys for other environments and devices including KMIP compatible hardware, Oracle and SQL Server TDE master keys and digital certificates.
This paper cuts through the confusion to help you pick the best encryption and tokenization options for your projects. The focus is on encrypting in the data center...
Mandate
Active now
Since June 5, 2014 federal agencies have been required to meet FedRAMP standards, ensuring they meet internal data security standards and extended security controls for cloud-computing.
Learn More Regulation
Active now
These regulations cover healthcare information in the US, HIPAA relates to protection; encryption, key management. etc and HITECH relates to disclosure of data breaches.
Learn More Regulation
Active now
United States Federal Law setting standards for a range of US companies, SOX Act sections 302 and 404 relate directly to data protection.
Learn More
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about.Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.
Thales e-Security is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales e-Security.Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly.Christian MuusDirector of Security for Teleperformance EMEA
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data.Audley Deansenior director of Information Security,
BMC Software
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs.David VargasInformation Security Architect
Cadence Design Systems
My concern with encryption was the overhead on user and application performance. With Thales e-Security, people have no idea it’s even running.Karl MudraCIO
Delta Dental of Missouri
The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place.Joseph Johnson,chief information security officer CHS
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We selected Thales HSMs to provide robust security, unmatched performance and superior scalability across… Joe Majka,Chief Security Officer
