CITIC BANK DATA MASKING CASE
Customer Problems:
Quality Issues: The bank's existing data masking algorithm is developed by the software center or application vendors and implemented through version releases. In previous data masking processes, there have been issues such as incomplete masking and reversible masking results, which directly led to data masking failures.
Data Disassociation: The current data masking process does not involve associated data masking. The existing masked data is also unable to meet the requirements for cross-system business testing.
Long Cycle Time: With version changes across various batches and systems, as well as the launch of new systems, the original data structures in the database may change. Consequently, the old data masking version becomes invalid. The data users are directly faced with the need to request a new data masking version from the software center, which then involves a series of steps such as scheduling, development, and database integration, resulting in a long overall development cycle. The masking version software has a short lifecycle, and the manpower investment is significant, leading to unpredictable derivative issues and impacts.
Implemented Results:
A user-friendly data masking platform was built, enabling data masking across all business systems in the industry. Specific features include task management for data masking, parameter management for masking, rule management for masking, subset extraction, automatic sensitive information discovery, task monitoring, auditing management, and access control management, among others.
Bank Data Security Situational Awareness Case
Project Background
As the bank's business continues to expand, it faces an increasing number of data security threats from both internal and external sources. Various data security incidents frequently occur in the industry, including data breaches and data losses, which pose a significant threat to the security of XX Bank's funds and customer privacy. Traditional security methods often only passively detect known threats and are unable to proactively sense new types of data security threats and attack methods. How to promptly detect and identify various potential data security threats, take rapid defense measures, ensure service continuity, and protect customer information, as well as achieve real-time awareness of XX Bank’s data situation, comprehensive asset management, timely event alerts, and quick response, has become one of the key challenges facing XX Bank in improving its data security protection capabilities.
Project Content
XX Bank builds a Data Security Situation Awareness and Operations Platform, integrating atomic capabilities such as TDLP and NDLP for data security. This platform enables asset identification and categorization, dynamic monitoring and awareness, comprehensive and multi-dimensional event security analysis and prediction, as well as precise traceability. It provides strong data security support for XX Bank, ensuring data security and compliance, enhancing the bank's ability to defend against data security incidents, and building a dynamic, all-network data security operations system.
Project Value
Project Value
Through the Data Security Situation Awareness Platform, the bank has achieved significant results and benefits in the data testing process. It has enabled the discovery and organization of internal user file assets, achieved full lifecycle monitoring and traceability of sensitive files, and provided end-to-end, full-link visual monitoring of sensitive assets in network traffic. Over 30,000 sensitive behaviors were detected, and more than 70 risk event alerts were generated, effectively supporting XX Bank’s visual supervision of sensitive data.
In terms of security improvement, real-time monitoring and analysis of data security situations allowed for the timely discovery and response to potential risks, effectively preventing security threats such as data leakage, tampering, and unauthorized access. In terms of compliance assurance, the system continuously evaluates and optimizes the security of test data, helping the bank comply with relevant regulations and standards, and providing reliable compliance evidence and reports for the bank.
Bank Endpoint Security Case
Customer Pain Points:
1.Regulatory inspections have revealed that sensitive data in plaintext has been stored on terminals for a long period, leading to penalties.
2.Despite using terminal management, antivirus software, and similar security tools, the effectiveness in ensuring terminal data security is limited, especially when sensitive data is stored in plaintext.
3.With hundreds of thousands of terminals, it’s difficult to inventory and check for unauthorized data files. Tests with products from other vendors caused system lag, disrupting normal work. Manual handling of the issue is tedious and has limited effectiveness.
Solution
Sensitive Data Discovery: In line with regulatory standards and confidentiality requirements, focus on identifying personal sensitive information, files with corporate client information exceeding the designated threshold, and important sensitive business data files. Risk events and sensitive file distribution statistics are generated. Additionally, the system can check if national encryption files are stored on terminal computers, creating a special event for checking national encryption files.
Risk Event Self-Processing: End users can self-assess risk events and perform self-processing (delete, exempt, or authorize encryption). The data security officer can monitor the self-processing status of the terminals from the management server, promptly detect anomalies, and provide feedback to the relevant personnel.
Self-Processing Progress and Inspection Statistics: The data security administrator can check the discovery progress and self-check status of terminal users. Through 16 defined statistical indicators, the effectiveness of sensitive data discovery and handling can be evaluated, and a summarized report on self-processing classification can be generated.
Application Effect
Application Effect
Implement the inventory check and self-processing of sensitive data files on approximately 460,000 Windows office terminals, and 40,000 production terminals. Additionally, check for the presence of national encryption files. The business application system enables the secure handling of "offshore" data files. There is also the capability to timely detect and block the sending of sensitive data files via network and email.
Solve the problem of only passively accepting regulatory checks without the ability to actively perform self-inspection and self-processing.
Establish a regular workflow where sensitive data files on all terminals across the organization are checked and self-inspected once per month. (The first inspection revealed that some computers stored thousands of sensitive files.)
Plan to use visualization technology to present data from dimensions such as asset distribution and sensitive data flow, helping customers comprehensively understand the overall data security status across the network.