Protiviti helps global financial services client
pinpoint possible data leakage areas, increase
customer security and priv...
How We Help Companies Succeed
As the business world becomes more and more connected, it is critical to view information se...
Upcoming SlideShare
Loading in …5
×

Protiviti helps global financial services client pinpoint possible data leakage areas, increase customer security and privacy - a case study

164 views

Published on

A large retail bank with credit card and investment divisions asked Protiviti to review and provide guidance on the security of its internal systems. Specifically, management was concerned about the extent to which sensitive private and corporate information was stored on insecure servers, raising the possibility of leaving corporate work and proprietary information unprotected and exposing the company to legal and reputational challenges.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
164
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Protiviti helps global financial services client pinpoint possible data leakage areas, increase customer security and privacy - a case study

  1. 1. Protiviti helps global financial services client pinpoint possible data leakage areas, increase customer security and privacy IT Consulting – Managing IT Security and Privacy Client Challenge A large retail bank with credit card and investment divisions asked Protiviti to review and provide guidance on the security of its internal systems. Specifically, management was concerned about the extent to which sensitive private and corporate information was stored on insecure servers, raising the possibility of leaving corporate work and proprietary information unprotected and exposing the company to legal and reputational challenges. POWERFUL INSIGHTS Protiviti’s team of IT security and privacy experts worked with the company’s internal security teams to track the flow of sensitive data and identify crucial data leakage points. As part of the investigative process, Protiviti: • Conducted a data process mapping exercise to identify the types of data our client was concerned about and the business processes involved in the data management cycle. • Focused the data discovery on specific sensitive information such as personally identifiable information, credit card data and customized confidential data. • Used a combination of monitoring and discovery tools to help our client identify where this sensitive data was stored and its flow in and out of the organization. • Produced a detailed report outlining the specific types of sensitive data existing on unprotected email and file servers, such as unencrypted credit card numbers, private personnel data, bank account details and passwords. PROVEN DELIVERY By the end of our engagement, the client had gained better visibility into the business areas involved with processing sensitive data, creating a previously non-existing awareness of sensitive data leakage opportunities. Our client received concrete evidence regarding systems that were in breach of security policies by not encrypting data effectively and/or bypassing privacy controls, and a list of unauthorized materials likely to cause reputational or legal damage.
  2. 2. How We Help Companies Succeed As the business world becomes more and more connected, it is critical to view information security and privacy as a business issue, not just an IT issue. Security threats, vulnerabilities and privacy exposures challenge every organization today, creating risks that must be understood and managed. Often, organizations do not know what risks they face or how to manage these risks. Equally important, good security and privacy practices can provide revenue growth opportunities through personalized support to clients. Protiviti provides a wide variety of security and privacy assessment, architecture, transformation and management services to help organizations identify and address security and privacy exposures (e.g., loss of customer data, loss of revenue, or reputation impairment to a customer) before they become problems. We have a demonstrated track record of helping companies react to security incidents, establish security programs, strengthen identity and access management practices, and handle industry-specific data security and privacy issues, including PCI and HITRUST. We invite you to explore the various IT security and privacy services we offer: • Security Strategy & Program Management Services • Identity & Access Management Services • Data Security & Privacy Management Services • Vulnerability Assessment • Security Operations & Implementation Services • Incident Response & Forensics Services Contact Cal Slemp +1.203.905.2926 cal.slemp@protiviti.com About Protiviti Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through our network of more than 70 offices in over 20 countries, we have served more than 35 percent of FORTUNE 1000® and FORTUNE Global 500® companies. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index. ©2014 Protiviti Inc. An Equal Opportunity Employer. PRO-PKIC-0114-144 Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

×