04:59 PM
Protecting Data During a Major Merger
In early 2011, Beaverton, Ore.-based First Tech Credit Union completed a $4.75 billion merger with Palo Alto, Calif.-based Addison Avenue Federal Credit Union. The merger created First Tech Federal Credit Union, with a combined base of 335,000 customers in 38 branches across the U.S. Essential to the success of the merger was the protection of a large amount of sensitive data that had to be moved about during and after the 10-month process. The institutions turned to San Diego, Calif.-based Websense and its Triton content security solution to help safeguard their combined data.
Addison Avenue had already been using the Websense solution since 2007, but First Tech had a different data-loss prevention (DLP) system in place. During the selection process for a new content security system, the institutions first compared the solutions they were already using and determined if either of them would meet their needs or if they'd have to look elsewhere, according to Phil Romero, senior security architect at First Tech Federal Credit Union. The system that the credit union chose would have to be able to identify and protect moving and static data, and be flexible enough to expand with a growing institution.
Romero says that pretty quickly, he knew that the Websense system was up to the task. "I've worked with several different types of DLP systems in the past, and being familiar with their functionality, it was clear that Websense was a robust enough product to really support the needs of the credit union moving forward," he explains. "The ease of management, throughput and performance capabilities, and the scope of visibility of the product itself really addressed all of our current and potentially future needs."
Part of the Websense Triton solution, the Websense Data Security Suite protects both e-mail and web activity. The system helped First Tech Federal Credit Union ensure that e-mails were routed only through encrypted channels during the merger. "We were able to secure more than 50,000 merger-related e-mails between April and November 2010," notes Romero.
The Websense system also ensured compliance with regulations, including constant monitoring of member information and its transportation. "The system is very robust and complete as a product," says Romero. "It has the ability to allow us to fingerprint the kind of information that we have to protect and then implement the control mechanisms to make sure that data stayed secure at all times, even when it left the company." He also touts the system's ease of use, crediting the documentation and diagrams that Websense provides on how its system works and what communication requirements are needed to support its functionality.