To safeguard sensitive customer data and comply with the Monetary Authority of Singapore’s Technology Risk Management Guidelines, organizations need to apply consistent, robust and granular controls.
The CipherTrust Data Security Platform from Thales helps customers address these guidelines throughout their organization, in part through:
The Monetary Authority of Singapore (MAS) published Technology Risk Management (TRM) Guidelines to help financial firms establish sound technology risk management, strengthen system security, and safeguard sensitive data and transactions.
The TRM contains statements of industry best practices that financial institutions conducting business in Singapore are expected to adopt. The MAS makes clear that, while the TRM requirements are not legally binding, they will be a benchmark the MAS uses in assessing the risk of financial institutions.
The Vormetric Data Security Manager from Thales offers centralized management of keys and policies for the entire suite of products available within the Vormetric Data Security Platform. The product is available as a physical or virtual appliance.
Vormetric Transparent Encryption from Thales leverages an agent that runs in the file system to provide high-performance encryption and least-privileged access controls for files, directories, and volumes. Vormetric Transparent Encryption supports both structured databases and unstructured files.
Vormetric Application Encryption from Thales employs standards-based APIs to simplify the process of doing column-level encryption in applications.
With Vormetric Key Management from Thales, administrators can centrally manage keys for Vormetric products, Oracle TDE, Microsoft TDE, and more. In addition, the product securely stores certificates and offers support for the Key Management Interoperability Protocol (KMIP).
Vormetric Security Intelligence can deliver granular file access logs to popular security information and event management (SIEM) systems and be used to support audits.
Perhaps the most comprehensive data privacy standard to date, GDPR affects any organisation that processes the personal data of EU citizens - regardless of where the organisation is headquartered.
Any organisation that plays a role in processing credit and debit card payments must comply with the strict PCI DSS compliance requirements for the processing, storage and transmission of account data.
Data breach notification requirements following loss of personal information have been enacted by nations around the globe. They vary by jurisdiction but almost universally include a “safe harbour” clause.