eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
A shared branching network controlled by credit unions from around the globe has forged a partnership with two security vendors in the name of data protection.
The FSCC (Financial Service Centers Cooperative), which has more than 1,000 branches, is working with GlobalCerts and Websense to enhance network security measures for the FSCC.
Throughout 2006, the FSCC experienced tremendous growth in transaction activity—a trend that demanded attention and a solution for the risks associated with wrongful data exposure incidents.
With plans to expand to an additional 2,200 locations at select 7-Eleven stores nationwide, data security is a top priority, FSCC officials said.
“We have been working with both companies on this solution for several months, and from a Network provider standpoint we felt it was critical to ensure that data and confidential information would not leak out by accident through e-mails, faxes or printers in our offices,” said Bonnie Kramer, the FSCCs Chief Operating Office.
Though the FSCC offers a variety of fraud prevention training, tools and disaster recovery services to its members, the organization also needed a solution to protect confidential customer and financial data from being accidentally or maliciously exposed, officials said. Enter Websense with its Websense Content Protection Suite.
“We have a solution that really fits that need,” said Devin Redmond, director of security products for Websense.
The Websense Content Protection Suite locates sensitive data inside the network and monitors the data as it travels inside or outside a company. The solution also protects the data with policy-based controls set up by the business.
Redmond said credit unions need the ability to exercise tight control over what users can do to prevent data breaches.
In some ways, business practices have not evolved as fast as the technology companies use to transmit information, he added. Credit unions, he said, have their eye on the ball when it comes to finding the good security for the best price.
In addition to adopting Websense Content Protection Suite, FSCC looked to implement an e-mail encryption system to protect sensitive data from being transmitted in clear text and other channels of communication throughout the FSCC organization.
To this end, the FSCC selected the Charlottesville, Va.-based GlobalCerts SecureMail Gateway for e-mail encryption.
GlobalCerts was founded in 1999 and develops secure messaging products based on industry-accepted standards and regulatory requirements. The single appliance solution turned out to be cost-effective and easy to deploy, with almost no end user training required, FSCC officials said.
“I think credit unions are realizing how important it is to make sure member information is secure from all access points,” Kramer said. “We feel this solution will assist credit unions with their own internal systems in monitoring and stopping sensitive member or non-public information from being sent out. Credit unions also need to ensure that their Web site provider has the appropriate software in place to deter this type of activity.”
Unlike traditional data protection measures that focus solely on external threats or inbound attacks, the Websense-GlobalCerts solution helps the FSCC address the dangers of the insider threat, popularized by recent breaches at Dupont and TJX.
“We feel both companies provide a solution that credit unions will be able to incorporate into their systems to assist in preventing sensitive member or non-public information from being accidentally included in e-mails or other documents from being distributed,” Kramer said. “The credit unions or companies must have secure policies and procedures that would prevent this type of breach. It is not just the system, it is also the people.”
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.