- Top Industries
- Resource Center
Storing sensitive data in your environment increases the risk and potential impact of a data breach and subjects your internal systems to regulatory compliance obligations and other requirements for protecting and retaining data. Unfortunately, in many instances, storing this data can be unavoidable.
“From my seat, the issue is that it’s necessary for business,” said Ryan Dove, West Bend Mutual Insurance’s director of information security. “There's a lot of government entities that require us to capture and retain that information, which usually means we can’t purge it fast enough from a security perspective because we need to be able to maintain the integrity of that data long-term.
“Not only am I worried about maintaining the personal financial information (PFI), but I’m also worried about how you maintain a system for 25-30 years to be able to support the information in order to be recovered. That’s the real challenge when we start to focus on this.”
By working with TokenEx to remove that sensitive data from its environment and store it externally, West Bend virtually eliminated the risk of data theft without disrupting its existing operations.
We were looking for opportunities to reduce the impact of a breach, and the way we saw to do that was to eliminate personal financial information that is stored in our systems.
West Bend worked with TokenEx to remove the PFI from its internal systems—strengthening its security, minimizing its risk, and reducing the potential impact of a breach all while accommodating its unique environment and data-retention requirements.
This reduced the impact of a breach by 1.5 million records and required no significant changes to West Bend's legacy database structure and existing operations.
“We were able to convert our entire claims and personal-line systems within a year and completely reduce our impact by probably a million-and-a-half unique records,” Dove said. “Implementing with the TokenEx APIs was very simple and straightforward, and we use them both in a batch-process method and the real-time methods, single value, multiple times a day.”