About Leading Business Processing Organization
Applying Fraud Analytics to Data while Complying with Regulations
In a world where fraud moves fast and across all channels, modern fraudsters can exploit banking silos. This organization’s powerful fraud fighting platform empowers organizations to stand united against fraud, harnessing the strength of advanced analytics applied to cross-bank data, and benefiting from dedicated product, fraud intelligence, and data science resources.
To make this a reality, the team faced several challenges, as explained by the Senior Program Managing Architect: “We needed to adhere to strict data protection rules such as SOX and PCI, while still allowing our data scientists to work on the data, including Personally Identifiable Information (PII) and credit card details. And how could we test on production data? Disk encryption is a basic requirement for regulation compliance, but that doesn’t solve the issue of applying analytics to exposed data. Data masking was another option, but this is a one-way transformation and you cannot replicate insights with masking.”
The existing infrastructure was another major consideration. The team did not want to support an isolated system; any new solution had to fit seamlessly into the existing landscape, consisting of a fully virtualized environment, leveraging Hadoop and Hortonworks to process the high data volumes flowing into the system from its member banks.
Voltage Data-Centric Security Model – Data Stays Encrypted
The Senior Program Managing Architect researched the market thoroughly for the latest trends in data security: “Pure data masking tools did not support the regulations we need to comply with. However, when I learnt about Micro Focus Voltage, my interest was piqued straight away. With Voltage Format-Preserving Encryption (FPE), the data stays encrypted end-to-end throughout the process. That, right there, would massively increase my data security.”
Voltage embeds protection in the data itself, and this data-centric security model keeps the data usable for analytics and business processes. System analysts and QA engineers can do their jobs in a safe environment, with data flowing in its protected form without breaking applications or databases. As an added bonus, Voltage is designed to integrate seamlessly with all leading big data platforms, including those in use at this organization.
Micro Focus Professional Services supported the implementation: “We wanted support and hands-on Voltage training, specific to our environment and use cases,” says the Senior Program Managing Architect. “Working with the Micro Focus Professional Services consultants was the best experience I have had in the industry! They supported us all the way from start to finish, ensuring our use cases worked within the Voltage environment and were integrated into our wider infrastructure. We were up and running within just three months, which really speaks to the maturity of the Professional Services engagement.”
Voltage now sits on top of Hadoop and Hortonworks, ensuring mature data protection. Nothing is ever stored in the clear, and all data is housed decentralized on local Hadoop instances. Product managers can log onto a user-friendly tool to view data activity, without seeing any sensitive data, such as PII and credit card information, as this is permanently encrypted. The Senior Program Managing Architect values the ease of access he can give users:
Controlled TCO in a Transparent Security Model
The importance of data security sits at the very center of this organization’s success. Voltage, with its Stateless Key Management, supports load balancing between two data centers to provide reliable disaster recovery and high system availability. Maintaining keys and a key vault in a traditional approach to encryption would have reduced data protection.
The Senior Program Managing Architect comments: