Eliminate risk without disrupting operations

How removing sensitive personal and payment data from internal systems minimizes risk by eliminating the impact of a breach

About the company

West Bend Mutual Insurance Company is a Midwest-based insurer that’s committed to providing peace of mind to its customers. When it comes to data protection, that means ensuring customer information is safely stored and managed, and internal systems are maintained to be available whenever they need to be accessed.

Industry: Insurance

Location: West Bend, WI

Company Size: SMB

Products Used: Token Services API & Batch

The reality of risk

Storing sensitive data in your environment increases the risk and potential impact of a data breach and subjects your internal systems to regulatory compliance obligations and other requirements for protecting and retaining data. Unfortunately, in many instances, storing this data can be unavoidable.

“From my seat, the issue is that it’s necessary for business,” said Ryan Dove, West Bend Mutual Insurance’s director of information security. “There’s a lot of government entities that require us to capture and retain that information, which usually means we can’t purge it fast enough from a security perspective because we need to be able to maintain the integrity of that data long-term.

“Not only am I worried about maintaining the personal financial information (PFI), but I’m also worried about how you maintain a system for 25-30 years to be able to support the information in order for it to be recovered. That’s the real challenge when we start to focus on this.”

Keep sensitive data out

West Bend worked with TokenEx to remove the PFI from its internal systems – strengthening its security, minimizing its risk, and reducing the potential impact of a breach all while accommodating its unique environment and data-retention requirements.

This reduced the impact of a breach by 1.5 million records and required no significant changes to West Bend’s legacy database structure and existing operations.

“We were able to convert our entire claims and personal-line systems within a year and completely reduce our impact by probably a million-and-a-half unique records,” Dove said. “Implementing with the TokenEx APIs was very simple and straightforward, and we use them both in a batch-process method and the real-time methods, single value, multiple times a day.”

How it works

First, West Bend sends PFI to TokenEx via API and MFT processes to remove the sensitive data from its environment.

Then, West Bend receives a nonsensitive multi-use token that can be safely stored within its internal systems.

When West Bend needs to access the original data or send it to a third party, it simply returns a token to TokenEx who then fulfills the request.

Reduce your risk footprint

West Bend met its industry compliance obligations for data storage.

West Bend reduced the impact of a breach by 1.5 million records.

West Bend removed toxic data without disrupting its existing systems.

“We were looking for opportunities to reduce the impact of a breach, and the way we saw to do that was to eliminate personal financial information that is stored in our systems.”

Ryan Dove

Director of Information Security, West Bend Mutual Insurance

How can we help
your business?

Connect with us to learn how we can generate similar results for you.

See more customer stories