Karen Hsu
Do You Know Where Your Existing Database Security Solutions Are Failing?
Recently, Oracle announced that its latest April critical patch update does not address the TNS Poison vulnerability uncovered by a researcher 4 years ago. In addition to this vulnerability from an attacker, organizations face data breaches from internal negligence and insiders. In a May 2012 survey by the Ponemon Institute, 50% say sensitive data contained in databases and applications has been compromised or stolen by malicious insiders such as privileged users. On top of that 68% find it difficult to restrict user access to sensitive information in IT and business environments.
While databases offer basic security features that can be programmed and configured to protect data, it may not be enough and may not scale with your growing organizations. The problem stems from the fact that application development and DBA teams need to have a solid understanding of database vendor specific offerings in order to ensure that the security feature has been properly set up and deployed. If your organization has a number of different databases (Oracle, DB2, Microsoft SQL Server) and that number is growing, it can be costly to maintain all the database specific solutions. Many Informatica customers have faced this problem and looked to Informatica to provide a complete, end-to-end solution that addresses database security on an enterprise-wide level.
Come talk to us at Informatica World and hear from our customers about how they’ve used Informatica to minimize the risk of breaches across a number of use cases including:
- Test data management
- Production support in off-shore projects
- Dynamically protecting PII or PHI data for research portals
- Dynamically protecting data in cross-border applications
At Informatica, you can meet us in our sessions on Thursday, May 17, at the Aria in Las Vegas:
10:10 – 11:10 – Ensuring Data Privacy for Warehouses and Applications with Informatica Data Masking in Room Juniper 3
11:20 – 12:20 – Protecting Sensitive Data Using Informatica’s Test Data Management Solution in Room Starvine 12
Also come to the Informatica Data Privacy booth and lab for in depth demonstrations and presentations of our data privacy solutions and customer deployments.
No More Excuses – Healthcare Organizations Need to Mask Their Patient Data
Data breaches in healthcare have increased 32 percent in the past year and have cost the industry an estimated $6.5 billion annually according to the Ponemon Institute. Responsible for these breaches were largely employee handling of data and the increasing use of mobile devices. Forty-one percent of healthcare executive surveyed attributed data breaches related to protected health information (PHI) to employee mistakes. Half of the respondents said their organization does nothing to protect the information contained on mobile devices. “Healthcare data breaches are an epidemic,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute, in an announcement of the study results.
Why are healthcare data breaches becoming more common?
PHI data is in all production and test systems, as well as numerous copies that are created of production systems for test, training and application development purposes. In addition to these production systems, PHI data lives in servers inside and outside of the organization. As more mobile devices are used to access critical patient data, and doctors are using their mobile devices to address medical issues from all over the country (if not the world), more sensitive patient data is exposed. In addition to PHI data such as social security number, a lot of sensitive data that healthcare organizations have is contained in textual notes. So the textual data also needs to be protected. But patient data needs to be protected not only within the hospital or healthcare organization. As patient data is used for clinical trial and research purposes, it is important to protect the data that leaves the organization.
To address these concerns, Informatica has seen organizations move towards an end-to-end, enterprise wide data privacy solution that enables them to:
- Consistently define sensitive data and set data privacy policies
- Identify where sensitive data lives throughout the organization
- Create subsets of production data for testing purposes, greatly reducing costs of managing test data (reducing hardware and software)
- Mask data according to all required PHI rules
- Report / provide audit trail that data has been masked and data is secure
Maintaining many, individual privacy solutions can be both costly and risky. An enterprise wide solution centralizes data privacy management, streamlining development and ongoing maintenance.
For more information on healthcare privacy challenges and how to address them, please join us in our upcoming webinar.
Where Are the Gaps in Your Data Privacy Solution?
It’s hard to miss data privacy in the headlines these days. Banks and insurance companies have not only had their customer information compromised, but they need to keep up with changing privacy regulations (PCI DSS, GLB, EU Data Protection Directive, US Privacy Laws)—or be fined. The impact is staggering—and costly. For example, last year Citigroup had more information compromised from their 200,000 bank cardholders. HSBC faced $5M in fines for inadequate data security.
But personal information is not the only type of data that needs to be protected. We’ve spoken to our customers about the need to protect sensitive information that includes financial information about a client, revenues, purchasing and pricing information. In addition I’ve spoken to organizations that are looking to keep and protect sensitive information across business units (so that one business unit will have restricted access to another business unit’s data). (more…)
What Does It Take To Be A Leading Player In Payments Integration?
Last Thursday, Aite Group, Capgemini and Informatica discussed why data integration was critical to the success of payment hubs. One of the questions from the audience was: who were the leading players? Capgemini responded that there are different segments of players– system integrators, payments application vendors, payments integration vendors. And each segment had a role in the success of a payments hub. But to say who is leading, you need to first look at what it takes to be a leader. Let’s look at what it takes for payments integration: (more…)
What Are The Hot Trends In Financial Services?
A Webinar Series with Aite Group and Informatica
Informatica, Aite Group, and Financial industry thought leaders just launched a series of webinars on hot trends in Insurance, Banking and Capital Markets. The issues by industry include:
In Insurance:
- Master Data Management has become critical to customer retention and effective cross selling and upselling
- ACORD based integration is critical to the success of Master Data Management because of the increased adoption of ACORD internally to integrate data from disparate systems into an MDM hub
- In Wholesale Banking:
- Payments infrastructure is getting increasingly complex due to mergers, increasing payment channels and types
- Payments integration, as a result, is becoming increasingly important to integrate the new payments hubs with legacy systems that will continue to operate or exist from pre-merger days (more…)
What Does Your Payment Hub Need To Be Successful?
We were at the SWIFT Operations Forum Americas conference a couple of weeks ago, and again we heard one of the biggest pains from banks, corporate and SWIFT was the last mile problem– integrating SWIFT, BAI or other standard into back off systems. (more…)
So You’ve Automated — But Do You Have Data Visibility?
The complexity in automated payments processing, electronic bank account management, and reference data management is in the end-to-end integration. The value of the automation is the enhanced visibility into payment, counterparty, security data.
Your competitive differentiation lies in the level of visibility you provide your customers. (more…)
Lenders – Are You Ready For The September 1, 2011 Uniform Loan Delivery Data Deadline?
What are you doing to prepare?
“All loans, without exception, must use the MISMO-based loan delivery data requirements on or after September 1, 2011.” Where is this coming from? The Federal Housing Finance Agency (FHFA) is mandating a joint uniform loan delivery data (ULDD) standard for single-family loans using MISMO 3. According to FreddieMac, these MISMO based loan delivery requirements “…represent a significant change from our current loan delivery data requirements …”
Stated benefits of this new delivery format include:
- Strengthening risk management capabilities.
- Improving transparency and confidence in the loan decision by using the same root data in our processes that lenders use in their processes
- Improving data accuracy and confidence in loan quality.
- Supporting greater data consistency while maintaining each GSE’s ability to independently set credit and pricing policies and business terms. (more…)
What Percentage Of Your Transactions Are Processed Straight Through?
The Aite Group recently surveyed senior treasury and receivables management at 80 top US corporations. About half of the transactions at these firms were processed straight through. As a result, there remains a lot of opportunity to reduce costs and mitigate risk by increasing straight-through-processing (STP) of transactions. In addition, banks can help their corporate clients get better information about their payments and posting. For example, Treasury managers need to know where they can invest excess cash and where their funds are throughout the organizations to borrow internal cash.
At SIBOS 2010 (October 25-29 in Amsterdam), Informatica will discuss how the Informatica SWIFT Integration solution enables your customers to achieve true STP and get better information about their payments. This is especially critical given all the new regulation and industry changes that have been reflected in the latest SWIFT standard. With Informatica’s 2010 SWIFT certified solution, organizations can: (more…)
Why Should You Support Financial Standards?
Why should you support financial standards? And what can you gain?
Market instability is forcing institutions to take a deeper look at their infrastructure for ways to improve efficiency. As a result, the leading institutions have come to the conclusion they need to adopt financial standards. As Andy Schmidt (Tower Group) discussed in a previous blog, many institutions today have extensive mapping and development processes as a result of siloed business approach. Legacy systems are forced to perform new functions they were not originally designed to support. And each system and dependent system needs to be fully tested whenever changes need to be made. Following a financial standard reduces the complexity and cost. But financial standards also change—so having a flexible infrastructure to support these standards is critical. (more…)
Loading ...