This story is part of our client success series. It showcases Fortune 100 and 500 customers across various industries that turned to Privacera to solve their tough data security, access, and governance challenges. Check out all the stories in this series.
Financial security and living healthy drive this financial services company to deliver a portfolio of insurance, investment, mutual fund, financial advice, and asset management offerings. The company supports a worldwide network of advisors, third-party partners, and other distributors who provide its offerings to individuals, businesses and institutions.
To expand its customer base by creating predictive and personalized journeys, it needed to create digital capabilities that included using its data to deliver predictive and personalized journeys. To ensure the security of its sensitive data when migrating its data to an AWS data lake, it required centralized, automated governance. See how adopting the Privacera unified data governance platform enabled it to do just that and provide fine-grained access control across its hybrid data infrastructure.
Business Risks
For this company, successful implementation of its digital strategy depends on maintaining consistent data security and a secure environment for its clients, employees, and third parties. This strategy relies on transactional and personal client data that it collects, processes, and maintains in its systems.
A serious security or privacy breach would have a significant adverse impact on current and future business opportunities. To avoid this potential, the company actively invested in technology to mitigate the unintentional dissemination of sensitive personal information.
Business Issues
Moving to cloud computing is a key element of its digital strategy. Cloud is critical to achieving the flexibility and scalability so that the company can add capacity and support leading-edge analytics. It needed to move its existing on-premises Apache Ranger data security to Amazon Web Services (AWS) for a successful cloud data migration.
For this reason, the company needed to leverage its existing technology investments and securely migrate its sensitive data. It determined that a vast amount of data stored across its AWS infrastructure (S3 and EMR) contained sensitive customer data and personally identifiable information (PII).
To achieve its data migration plan, the company required a centralized view of all sensitive data and automated fine-grained access controls to protect against unauthorized access. It would also ensure data security, support the company’s cloud-based analytics goals, and decrease manual complexity for its data teams.
Its key challenges included:
- Migrating its on-premises security safely to it AWS environment
- Supporting data policies compliant with International Financial Reporting Standards (IFRS)
- Keeping personally identifiable information (PII) safe with encryption and masking
- Automating data policy assignment, discovery, and intake
Solution
To retain Apache Ranger for data security across its on-premises platform as it moved to the cloud, this financial services company needed a unified view of all sensitive data and automated fine-grained access controls. It turned to Privacera, which enabled the company to meet its requirements for data security, access control, and compliance across 200 Amazon EMR nodes.
Privacera helped the company address two security access issues that impacted the company’s analytics efforts:
- Create data security policies that allow only authorized individuals to access sensitive information. The customer can now implement row-level access policies, so only authorized users get full access to the database, and others are granted limited access according to clearance level. A company representative said, “Row-level access simplified our data management without compromising security.”
- Permit the use of large datasets for analytics. To protect PII from unauthorized access, Privacera enabled column-level access controls. This level of control enabled the company to move its data into a data lake as quickly as possible, apply access rules, and quickly use the data to generate new business insights. Data requests that took three to four weeks to program now take less than two days to complete.
Business Impact
The customer can now process 500,000 data access requests per day. By using Privacera, the company can distribute highly granular data access control and masking across hundreds of AWS accounts. Instead of taking months to manually recreate existing data governance policies in the cloud, the company now seamlessly manages a unified approach across both on-premises Hadoop and cloud environments. It can also extend its Ranger foundation to the cloud as a unified solution across both environments.
No matter how unique your data ecosystem, products, and processes are, Privacera can help future-proof your data security, access, and governance for greater scalability, connectivity, and competitive opportunities. Learn more in our whitepaper Data Security Maturity Model in 5 Steps. Read the whitepaper.