Invoice identity theft threat squashed

Data service companies have to raise their data security game to meet client company needs.


Regulus Group, the largest independent bill presentment and remittance company in the US, has selected Decru DataFort storage security appliances to protect sensitive and regulated client data from unauthorized access. Regulus deals with billing data for more than half the Fortune 50 corporations in the USA. IT is head-quartered in the wine-growing region of Napa valley in California and is the leading U.S. outsourcer and integrated provider of bill presentment and payment processing; servicing nearly 2 billion paper and electronic items annually for Fortune 500 customers. Its service covers every aspect of a transaction, from the point when a corporation releases a billing file for invoicing to the posting of the associated paper or electronic payment, and thereafter in the support of customer care and collections.

Jeff Dalton, technical operating officer for Regulus Group, said: “Regulus Group handles data from companies around the globe, including one in four of the Fortune 50. We view it as our responsibility to be in compliance with any mandates that our customers face.”

Regulus Group’s requirements point to an interesting trend in cascading compliance. Increasingly, organizations that provide data services are being asked to meet the same security and compliance requirements as those governing their clients. Because a data breach at any stage of the supply chain can cause brand damage and regulatory penalties, these requirements are increasingly cascaded through contractual obligations and service level agreements. For service providers that manage multiple clients within a shared computing infrastructure, the need to securely compartmentalize data while controlling costs creates additional challenges.

Regulus’ customers represent leading companies from virtually every industry; as a result, the company is impacted by a broad range of regulations, including HIPAA, GLBA, Sarbanes-Oxley, and the disclosure laws now in place in a majority of US states. Not surprisingly, Regulus received requests from many of its customers to ensure their data was protected with strong encryption.

Regulus’ primary requirements for an encryption solution included performance, strong key management, and ease of use. It was also critical to have a solution that could work across a heterogeneous storage environment comprised of many different operating systems and vendor platforms. To simplify management, Regulus’ chose to encrypt all of its data on disk and tape, rather than manage an ongoing data classification project.

It has selected Decru DataFort storage security appliances to protect its vast amounts of sensitive and regulated client data from unauthorized access. Decru DataFort FC-Series appliances and Decru Lifetime Key Management system have been deployed to encrypt all data stored in both SAN and tape backup infrastructures.

Decru, a Network Appliance company, provides a unified platform for securing data at rest across an enterprise. DataFort appliances protect the application and storage infrastructure with a layer of wire-speed encryption, authentication, access controls, and enterprise-wide key management. Customers can deploy DataFort appliances transparently in network-attached storage (NAS), direct-attached storage (DAS), Fibre Channel SAN (storage area network) , IP-SAN and tape backup environments, with no changes to servers, desktops, applications, or user workflow.

“With identity theft at an all time high, organizations are rethinking their strategies for defending their sensitive data assets,” said Suresh Vasudevan, a Decru general manager and senior VP.

"Recommended For You"

AWS offers security conscious enterprises new appliances End-to-end encryption: The PCI security holy grail