Data Security for Financial Services



Data Security for Financial Services

The Financial Services industry from Credit Card Processing companies to Brokerage and Insurance firms have spent millions developing security infrastructures designed to keep sensitive customer information confidential. And it’s not just about managing risk. The Financial Services industry must comply with an increasing list of data security regulations and standards, including:

  • Gramm–Leach–Bliley Act (GLB)
  • Sarbanes-Oxley Act (SOX)
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • State Financial Data Privacy Acts
  • European Union Data Protection Directive (EUDPD)
  • Japan’s Personal Information Protection Act

At the end of the day one must be honest with themselves whether Data Security is paramount or “just being in compliance” is the objective. Either way we can help, but we first must answer this most difficult question. An analogy “Anheuser Busch, Kentucky Fried Chicken and Coca Cola all know that 100% of the company’s livelihood rests on its’ IP (Intellectual Property). Security is paramount and there is no amount of Data Breach Insurance (hyperlink) that will right the wrong of losing their brand defining recipes. Conversely, you are a customer at ABC bank and are a victim of identity theft. As long as you are in compliance with regulatory and insurer mandates your insurance will pay the claim, quickly and quietly. Admission of a breach in many cases can be more costly than the actual breach itself.

As the number of your mobile employees and contractors grows, so does your risk of data leakage and failure to comply with the mandates imposed by these and other laws and standards. The truth is, your compliance efforts can be compromised with startling ease if mobile employees fail to safeguard their digital identities, portable workspaces, and the customer records and financial data they take home or on the road.


CE Secure is Compliance

CMS helps you simplify compliance with military-grade (FIPS 140.2) and encrypted USB flash devices. In addition, our mobile security solutions protect digital identities regardless of where your employees take them. Our centralized management platforms puts corporate in total control of data access and use, removing the reliance on the diligence of the hundreds or thousands of mobile workers who carry sensitive data with them every day.

CMS delivers some of the world’s most secure, scalable and reliable mobile storage, identity management and device management solutions, including:

  • encrypted flash drives
  • encrypted external hard drives
  • secure storage management solutions

Designed from the start to work seamlessly together and create a cost-effective, end-to-end solution that you can use to reduce your potential exposure to non-compliance.

CE Secure Financial Services Solution Features


CMS’ CE Secure™ family of flash drives and external hard drives, along with CE Secure™ line of hardened, tamper-evident flash drives, lock down sensitive data with an on-board, hardware encryption engine that puts a military-grade, AES-256 wall between unauthorized users and the drive’s contents.


The security protections built into CMS’ encrypted USB drives are rough and tough. And by choosing from an array of scalable, intuitive platforms for establishing and policing your employees’ use of CE Secure™ drives, you can ensure that mobile employees are using strong passwords and taking other measures to take full advantage of those capabilities. From a central console, set policies for passwords, application use, recovery, and more – across a handful of drives or thousands of them. Depending on the CMS solution you deploy, you can also manage and update device drivers and applications, administer identity protection features, and create whitelists of approved IP addresses to control where devices and applications can be used. And if a drive is lost or stolen, you can even remotely erase it or destroy it.


Power outages, severe storms, earthquakes, fires – any of these might usually impact your ongoing operations. But CMS’ secure mobile storage and portable workspace solutions help keep workers productive even when they can’t make it into the office.


There’s no need for employees to install drivers or other software to securely access their stored data, workspace or applications. CMS drives come pre-loaded with everything users need, and they leave no trace on the host PC.


In addition to the combined safeguards of encryption, multi-factor authentication and hardened enclosures, some of CMS’ enterprise-class mobile storage solutions come with anti-virus and anti-malware protections, either as a standard feature or as an option.


When a mobile employee’s digital identity is compromised, your network, your applications, and your data all become vulnerable. That’s why CMS offers strong, multifactor authentication on CMS CE Secure drives. And for users of CE Secure™ drives, CMS offers enterprise-class identity management capabilities – combining Public Key crypto services, strong password authentication and strong password management – to shield identities out in the wild. Only CMS integrates these sophisticated protections with encrypted storage in a single mobile device.


Mobile data security involves more than just locking down data. Workers need the flexibility of working from any PC, and they get it with CMS’ portable workspace solutions. These solutions, available on CMS’ encrypted USB flash drives and hard drives, add another dimension to mobile security by enabling employees and contractors to safely work from any computer – at the office, at home, or on the road – Hardware encryption and strong authentication keep confidential data where it belongs.


Complying with data security mandates doesn’t have to be a headache. Use CMS’ advanced reporting and auditing capabilities to document how, where and when users have accessed, saved or modified confidential data. And for maximum flexibility, CMS offers you both premise-based management solutions (when device management must reside behind your firewall) and cloud-based management solutions (eliminates the need for capital investments in servers and other hardware).