Computershare Turns to Symantec DLP

Symantec Corp. announced that Computershare Limited, in transfer agency/share registration and related services, is implementing the Symantec Data Loss Prevention solution. The worldwide firm will now utilize Symantec Data Loss Prevention around the globe to help protect millions of confidential shareholder records.

"Our services, which include share registration, employee equity plan administration and proxy solicitation, require us to manage more than 150 million individual shareholder records that may contain sensitive information such as credit card and bank account details. We also need to manage information specific to individual regions, countries and states, including tax file numbers in Australia and social security numbers in the United States," said Stuart Irving, Chief Information Officer, Computershare Limited. "Protecting this data against loss is critical to ensuring we comply with stringent regulations in the countries in which we operate and maintain the integrity of our reputation in the marketplace."

Following an evaluation process, Computershare ran a proof of concept that established Symantec Data Loss Prevention (DLP) as the solution that would meet its business requirements of protecting information across its endpoint, network and storage systems.

Over the past year, Computershare has been implementing the Symantec DLP solution across three geographic regions: North America; Europe, Middle East and Africa; and Asia-Pacific. With compliance requirements becoming stricter in North America, the organization focused first on protecting data in motion – via email and other communication tools – at its operations in the United States and Canada and then implemented the Symantec DLP solution in Australia.

Symantec DLP delivers a unified solution to discover, monitor and protect confidential data wherever it is stored or used. The solution automates the enforcement of policies designed to prevent the unauthorized loss of information. It scans emails and attachments for confidential information and, based on criteria established by the organization’s risk and audit group, issues the user with a warning and reports the incident or blocks the suspicious message from leaving the organization.

The solution also enables Computershare to register and block the unauthorized copying of sensitive information that could be downloaded to local drives; copied to USB or other removable media devices; burned to CD/DVDs; transferred via email, instant message, or FTP; copied; and printed or faxed electronically. With Symantec DLP, organizations gain visibility into policy violations to proactively secure data with automatic quarantine, relocation and support for policy-based encryption.

"By implementing the Symantec DLP solution, we have reduced both our risk profile and internal and external threats to customer data. The IT team received strong C-level support for the project, easing the process of educating our workforce and client base about the new processes and why they were being introduced," said Irving.

Computershare believes that becoming one of the first global financial services providers of its kind to implement DLP technologies worldwide enhances its reputation as a premium operator and gives it an edge over rivals with fewer data safeguards. The implementation also helps ensure the organization exceeds many of the increasingly stringent privacy legislation requirements in a number of jurisdictions, which may soon include Australia.

Irving attributes the smooth implementation to Symantec’s professionalism and preparedness to forge a close relationship with Computershare. "We have a great partnership with Symantec and participate in their beta program, giving us an opportunity to provide input into product development. We are very happy with their performance and look forward to building an even stronger relationship in the future."

"Computershare’s deployment of the Symantec DLP solution demonstrates how leading companies are taking the initiative to put in place policies and procedures to secure and manage sensitive customer information," said Craig Scroggie, Vice President and Managing Director, Pacific Region, Symantec. "Many senior executives are looking at the risks to their company reputation and the potential financial penalties associated with either accidental or malicious data loss. This is an area where a lot of risk can be reduced through automation and workflow technologies, coupled with educating employees about how to handle sensitive information."