5 Ways Global Retailers Protect their Customer Data ebook


In the new digital environment, keeping pace with security is the new reality


Digital disruption over the last decade has impacted how retailers communicate, connect, and sell to their customers. This transformation has caused a significant increase in technology that drives intelligence and analytics of customers.

When personalizing the customers’ journey, many retailers find their traditional security can’t keep pace with the increase in technology and business requirements. In response, organizations are looking at alternative, data centric protection methods to enable them to scale more effectively.


Data responsibilities…

• Payment Card Industry
• Personally Identifiable Information
• Cloud personalization program
• Multi Channel
• General Data Protection Regulation

Data protection drives…

• Customer acquisition and loyalty
• Establishment of trusted brand
• Expansion into new market sectors
• Digital innovation
• Enhanced customer experience



Helping Brands Protect Sensitive Assets for Over 10 Years

Protegrity has a passion for our customers, our people and the work we do. We’re keen to share the best practices for protecting sensitive data which we’ve honed from working with over 300 global brands. Our disruptive data protection solutions offer better flexibility and capability in a way that will not compromise operational excellence or digital success.

Protegrity expertise includes central control of…

• Data Discovery
• Enterprise-wide Data Protection
• Cloud and Big Data Security
• Encryption and Pseudonymisation
• Audit and Compliance Reporting

Our work is driving analytical excellence through more powerful, flexible data security and compliance with key regulations, as shown in the following use cases.

Given the highly sensitive nature of the services we provide to our customers, their identities have been anonymized here to protect their security posture but further details are available upon request.



1 eCommerce Retailer


Compliance with internal privacy requirements and industry data protection standards within a very short turnaround time made this eCommerce giant seek advice about security solutions to protect PII and PCI data within their data warehouse.

The global online retailer felt confident they had found a security solution they could trust to protect customer information without compromising performance. Within three weeks, data discovery was complete and the entire solution took fewer than six months to implement. The retailer started by providing Protegrity with a list of high priority sensitive data elements to be protected, which formed the basis of their organization’s security policies. Protegrity’s Enterprise Security Administrator enabled the retailer to centrally control and enforce security policies throughout the data flow, and Protegrity Database Protectors ensured that sensitive information remained protected within the enterprise data warehouse.

This deployment also allowed the retailer’s security team to restrict access to sensitive data to authorized users only and automate monitoring, auditing and alerts on the entire data security system for compliance with not only internal privacy requirements but also those of the GDPR ahead of time. This global eCommerce company is now expanding the Protegrity model to bring their entire organization into compliance with international data protection regulations.



IMPACT Negligible

DEPLOYMENT Less than 6 months

VOLUME PII protection in 500 tables

Protegrity came very highly recommended by data warehouse provider and they’ve more than met our expectations.

DRIVER Compliance with internal requirements and industry standards for data protection

CHALLENGE A very short deadline for project completion

STEPS TO SUCCESS Working with data owners to discover sensitive data elements throughout the data flows

SOLUTION Protegrity’s Enterprise Security Administrator and Database Protectors for central control of data protection, monitoring and alerting

BENEFITS Compliant business performance continuity and an established model for GDPR success ahead of time



2 MULTINATIONAL RETAILER


Internal privacy policies dictated that this multi-billion dollar retailer protect the identities of their many customers and employees, an ambitious goal for a global brand committed to analytics for “digital lift” and subject to regulations including the U.S. Food & Drug Administration (FDA) reporting requirements.

Protegrity data security solutions inimitably allowed the retailer to realize their ambitions in a complicated, heterogeneous IT landscape. Starting with Social Security Numbers (SSN), this retailer deployed Protegrity Database Protectors to protect employee data in the integrated data warehouse from Teradata. This became the blueprint for expanding Protegrity’s footprint to include SQL Server and big data Protectors for Pivotal HD, to protect sensitive information and business processes throughout the enterprise.

Leveraging Protegrity Vaultless Tokenization, which replaces sensitive data with secure tokens of the same data type and length, has enabled this retail brand to democratize access to data without the need for changes to existing tables, applications and operational processes including analytics. Using Protegrity’s Enterprise Security Administrator enables this retailer’s security team to centrally monitor and restrict access to sensitive data, define alerts for the entire data security system and automate auditing and reporting for compliance with the FDA.


IMPACT Almost no negative effect on business processes

Protegrity allowed our internal customers to access and analyze the data in real time – all the while keeping the data safe.

DRIVER Maintaining privacy as a corporate brand value while enabling analytics for “digital lift” and complying with FDA regulations

CHALLENGE Democratizing data access while satisfying stringent corporate and legal requirements without compromising business processes

STEPS TO SUCCESS Focusing on one sensitive data element as a priority and using tokenization to protect it without diminishing its value which served as a blueprint to scale and expand security to other business systems

SOLUTION Protegrity’s Enterprise Security Administrator and Database and Big Data Protectors enable this organization to centrally control, audit and report access to sensitive information

BENEFITS Compliant data democratization without compromise to analytical value or business continuity


3 GLOBAL RETAILER


A global nutrition corporation that develops, markets, and sells dietary supplement, weight management, sports nutrition, and personal care products needed to meet PCI DSS Level 1 merchant compliance requirements by securing 117MM sensitive customer payment card records in 400+ controls in a very short timeframe.

As a PCI DSS Level 1 merchant, the retailer must comply with the strictest regulations in the industry pertaining to the handling of sensitive payment card data. The retailer potentially faced a series of very large, escalating fines for noncompliance. The retailer needed an approach that would allow them to take as many environments as possible out of PCI DSS compliance audit scope, which would require removing PCI data from those systems.

The retailer chose Protegrity after evaluating performance, cost, and definitive peer references. Protegrity offered the most powerful and cost effective solution.

“There were more than 400 controls that could apply to over 117 million customer records stored, if we didn’t reduce scope,” said the retailer’s Head of Global Information Security. That complexity would require weeks or months to complete each annual PCI DSS audit.



IMPACT Little to no impact on existing systems

DEPLOYMENT 2 days

VOLUME 400 controls across 117 million customer records

DRIVER Compliance with PCI DSS

I’ve never been involved in a process of implementation that had so little negative impact on users… Protegrity’s services team have been world class.

CHALLENGE Reduce the scope of the PCI DSS audit dramatically across a large and complex IT estate

STEPS TO SUCCESS Protegrity support and services teams worked closely with the retailer to ensure a rapid transition. Implementation took only 2 days to secure over 117 million customer records

SOLUTION Protegrity Enterprise Security Administrator, Protection Server, Application Protector using vaultless tokenization

BENEFITS Met PCI DSS compliance in a 2 day implementation and took infrastructure out of PCI audit scope. Provided centralised oversight and administration of secure data across the entire enterprise



4 UK RETAILER


A multinational, multi-brand, omnichannel retailer required the highest levels of data security to maintain and future-proof their brand’s reputation, and cope with peak trading demands without any compromise to performance, analytics agility or user experience.

This retailer had a requirement to comply with internal privacy policies, industry regulations and the GDPR throughout their enterprise and across multiple current and legacy systems. The retailer chose Protegrity to protect sensitive information across the organization including Oracle, DB2, Mainframe and Teradata as well as intercepting online web forms filled in by customers at account creation. Working closely with the client’s internal team, Protegrity architected a solution that protected data at use, in transit and at rest. The solution was deployed at tactical points within the network to accommodate data being created by customers and employees at the earliest moment of its journey, thus minimizing the risk of data being available in its clear format.

20 years of legacy data residing within IBM mainframes and DB2 was also protected, as well as data stored in a Teradata warehouse, Microsoft SQL DB and Oracle. Protegrity enabled analytics platforms to enhance retail decision making whilst maintaining mandatory high standards for data privacy, and also met an additional requirement to provide data protection methods that will enable transition to the Cloud in the future.


DRIVER Compliance with internal and external regulations

Protegrity were the only organization able to respond to our need to protect a large number of environments within a relatively short timeline.

CHALLENGE Multiple different environments and short deadline for completion

STEPS TO SUCCESS Architected the solution closely with the retailer’s internal team and deployed protectors at tactical points within the network

SOLUTION Protegrity’s Enterprise Security Administrator, Database Protectors for Oracle, DB2, Mainframe and Teradata and Data Security Gateways

BENEFITS Solution is highly scalable and will expand to enable the retailer to transition to the Cloud as well as enabling them to comply with critical regulations such as GDPR



5 US CONVENIENCE STORES

The second largest chain of company-owned and operated gasoline and convenience stores in the US needed to reduce the time and expense of complying with PCI DSS.

For the large retailer, the process of complying with the Payment Card Industry Data Security Standard (PCI DSS) consumes a major slice of staff time and budget. High transaction volumes and a very short window to handle payment settlement meant the system had to have very high throughput and scalable performance. Due to the legacy mainframe environment, the implementation also required little to no modification of systems. Protegrity implemented a Vaultless Tokenization appliance in a staging environment outside the backend systems.


The transaction information from the gas stations is sent securely to the Protegrity appliance and placed in an encrypted file. The secure file is parsed and Credit Card Number (CCN) data is tokenized prior to entering legacy business systems. After processing, the protected CCN data is de-tokenized by the appliance and transmitted to payment processors for settlement. Tokens were designed to bleed through the first six digits of the CCN, to make them compatible with legacy systems and prevent the need for modifications.
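The flow described above, sketched as an added example (not Protegrity's code or algorithm): the page does not describe how the vendor's vaultless tokenization works internally, so a keyed alternating Feistel network over decimal digits stands in for it here. The key, the pipe-delimited record layout and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

KEEP = 6     # leading digits left in the clear ("bleed through"), per the page
ROUNDS = 10  # assumption for this sketch; must be even

def _f(key: bytes, rnd: int, tweak: str, half: str, width: int) -> int:
    """Keyed round function: HMAC-SHA256 reduced to `width` decimal digits."""
    mac = hmac.new(key, f"{rnd}|{tweak}|{half}".encode(), hashlib.sha256)
    return int.from_bytes(mac.digest(), "big") % 10 ** width

def _permute(key: bytes, tweak: str, body: str, reverse: bool) -> str:
    """Alternating Feistel network over a decimal string; length is preserved."""
    u = len(body) // 2
    v = len(body) - u
    a, b = body[:u], body[u:]
    for rnd in (reversed(range(ROUNDS)) if reverse else range(ROUNDS)):
        width = u if rnd % 2 == 0 else v
        if reverse:
            c = (int(b) - _f(key, rnd, tweak, a, width)) % 10 ** width
            a, b = str(c).zfill(width), a
        else:
            c = (int(a) + _f(key, rnd, tweak, b, width)) % 10 ** width
            a, b = b, str(c).zfill(width)
    return a + b

def _check(value: str) -> None:
    if not (value.isascii() and value.isdigit() and 13 <= len(value) <= 19):
        raise ValueError("expected a 13-19 digit card number or token")

def tokenize(key: bytes, pan: str) -> str:
    """Same length, all digits, first six digits unchanged (used as the tweak)."""
    _check(pan)
    return pan[:KEEP] + _permute(key, pan[:KEEP], pan[KEEP:], reverse=False)

def detokenize(key: bytes, token: str) -> str:
    """Recover the card number for settlement; needs the same key."""
    _check(token)
    return token[:KEEP] + _permute(key, token[:KEEP], token[KEEP:], reverse=True)

def tokenize_record(key: bytes, record: str, field: int = 1, sep: str = "|") -> str:
    """Tokenize the CCN column of one parsed line before it reaches legacy systems."""
    cols = record.split(sep)
    cols[field] = tokenize(key, cols[field])
    return sep.join(cols)

if __name__ == "__main__":
    key = b"constructed-demo-key"                   # constructed sample key
    line = "STORE0421|4111111111111111|42.17"       # constructed sample record
    protected = tokenize_record(key, line)
    print(protected, "->", detokenize(key, protected.split("|")[1]))
```

Because the token keeps the original length, character set and leading six digits, downstream systems that validate or route on those properties see a well-formed field, while the remaining digits are recoverable only with the key.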



IMPACT None. PCI auditing process reduced from seven months to three. Cardholder data is now more secure

DEPLOYMENT Tokenization took 90 minutes

DRIVER Simplify PCI DSS compliance

We planned on 30 days to tokenize our 50 million card numbers. With Protegrity Tokenization, the whole process took about 90 minutes.

CHALLENGE Solution must have little to no impact on existing systems

STEPS TO SUCCESS Deployment of the solution was non-intrusive as it did not require obtaining third-party modifications to code

SOLUTION Protegrity tokenization using Enterprise Security Administrator and mainframe and file protector, Application protectors

BENEFITS By segmenting cardholder data with tokenization, a regional chain of 1,500 local convenience stores is reducing its PCI audit from seven to three months



Protegrity was born of the need to deliver a new kind of data security that is equipped to meet the challenges of modern enterprises: security that protects the data itself everywhere it goes while enabling businesses the freedom to transform and innovate with their data. The right balance between sophisticated data analysis and risk management can be achieved. Neither needs to be sacrificed. Data today is more than power—it is the lifeblood of the organization and needs to flow to the right data owners in realtime. If it can’t be mined and manipulated at or near real-time while still maintaining security and privacy, it’s not delivering maximum value.

Protegrity Credentials

Organizations from every industry worldwide leverage our expertise and solutions to strengthen their security posture and simplify compliance with internal and regulatory data protection requirements. Our customers include:

• More than 50 of Teradata’s largest customers
• The world’s largest company and private employer
• 20% of all Global Fortune 500 Retail organizations
• The most powerful transnational corporation globally
• 25% of Global 500 Financial Services Institutions
• Europe’s largest financial institutions
• America’s most trusted source for high-quality healthcare and service
• One of the world’s largest online retailers
• The premier driver of air travel intelligence and commerce worldwide
• Over 200 brands worldwide including public and private sector


CONTACT Protegrity

Email us at info@protegrity.com or contact us through our website www.protegrity.com/retail

Read more about how Protegrity can help your business (executive brief and solution brief):

• Retail transformation turns data risk into reward
• Safely delivering growth through better customer experience

THE CHANGING FACE OF RETAIL: HOW SHOULD DATA PROTECTION KEEP UP?

1 Personalized experience

Customers’ online data and purchase history will reveal insights for tailored suggestions and incentives to buy, in real time

STRATEGY: Personalization to ensure customer loyalty and increase share of wallet

OPTIMIZATION: Protect private data itself in a way that does not hinder analytics

2 Automated roles

Digital devices will greet and serve customers and run back office operations

STRATEGY: AI to reduce cost and improve efficiency

OPTIMIZATION: Ensure use of data is for legitimate purposes only using granular, role-based access controls for devices utilizing sensitive customer and corporate information

3 Automatic checkout

Transactions will be frictionless, using in-store RFID technology

STRATEGY: Enhance the shopping experience – no more queues

OPTIMIZATION: Protect customers in line with GDPR and PCI DSS requirements using tokenization to pseudonymize private information without impact to process or systems

4 Online sales

Online shopping will grow from 10% today to over 50% by 2027

STRATEGY: Make online purchasing easier and quicker for customers to improve conversion rate

OPTIMIZATION: Protect sensitive data fields in transit to speed up account creation and enhance customer experience

5 IoT

Smart appliances will purchase and deliver household items and restock shelves and provide further insights into customer purchasing habits

STRATEGY: Anticipate and respond to customer requirements on demand and streamline supply chain

OPTIMIZATION: Enable data to flow across all platforms using one centrally controlled protection method

Copyright© 2018 Protegrity Corporation. All rights reserved. Protegrity® is a registered trademark of Protegrity Corporation. All other trademarks are the property of their respective owners. Teradata and the Teradata logo are registered trademarks of Teradata Corporation and/or its affiliates in the U.S. and worldwide.

