Eliminating Risk Without Disrupting Operations

How removing sensitive personal and payment data from internal systems minimizes risk by eliminating the impact of a breach




Storing sensitive data in your environment increases the risk and potential impact of a data breach and subjects your internal systems to regulatory compliance obligations and other requirements for protecting and retaining data. Unfortunately, in many instances, storing this data can be unavoidable.

“From my seat, the issue is that it’s necessary for business,” said Ryan Dove, West Bend Mutual Insurance’s director of information security. “There's a lot of government entities that require us to capture and retain that information, which usually means we can’t purge it fast enough from a security perspective because we need to be able to maintain the integrity of that data long-term.

“Not only am I worried about maintaining the personal financial information (PFI), but I’m also worried about how you maintain a system for 25-30 years to be able to support the information in order to be recovered. That’s the real challenge when we start to focus on this.” 


Reduce Your Risk Footprint

By working with TokenEx to remove that sensitive data from its environment and store it externally, West Bend virtually eliminated the risk of data theft without disrupting its existing operations.


We were looking for opportunities to reduce the impact of a breach, and the way we saw to do that was to eliminate personal financial information that is stored in our systems.

Ryan Dove | Director of Information Security, West Bend Mutual Insurance

West Bend worked with TokenEx to remove the PFI from its internal systems—strengthening its security, minimizing its risk, and reducing the potential impact of a breach all while accommodating its unique environment and data-retention requirements.

This reduced the impact of a breach by 1.5 million records and required no significant changes to West Bend's legacy database structure and existing operations.

“We were able to convert our entire claims and personal-line systems within a year and completely reduce our impact by probably a million-and-a-half unique records,” Dove said. “Implementing with the TokenEx APIs was very simple and straightforward, and we use them both in a batch-process method and the real-time methods, single value, multiple times a day.”


How it Works


Data Flow_ Token Services API-2_@4x



  • West Bend sends PFI to TokenEx via API and MFT processes to remove the sensitive data from its environment.
  • West Bend receives a nonsensitive multi-use token that can be safely stored within its internal systems.
  • When West Bend needs to access the original data or send it to a third party, it simply returns a token to TokenEx who then fulfills the request.

Connect with us to learn how we can generate similar results for you.