Trustwave — Serving the Financial Service Industry by Protecting Consumer Data, Ensuring Compliance & Mitigating Online Threats

Sean Garrity • February 14, 2017

In a Nutshell:  Few industries are targeted by cybercrime more than the financial services sector. For more than 20 years, Trustwave has successfully partnered with financial institutions to provide comprehensive, managed security to mitigate online threats. Trustwave’s multi-layered approach gives organizations real-time solutions to maintain compliance and protect the integrity of their proprietary and client data. The company’s cloud-based, industry-leading platform, TrustKeeper, has helped organizations around the world monitor their networks and manage security by connecting to a suite of powerful technology services that shield against those with malicious intent.

Crest Savings Bank, based in Wildwood, N.J., has approximately $400 million in assets and a staff of more than 90 employees across eight locations. The bank has been providing a full range of products and services to Cape May County since 1919. Crestwood makes protecting the security of its customer data a top priority, and so it needed a cost-efficient company with specialized expertise to safeguard its network.

Crest Savings chose Trustwave as its principal security partner for the company’s long track record of reliability and cost efficiency. Trustwave provided the bank with a host of services to help mitigate threats and maintain compliance, including email security, intrusion detection, network monitoring, web filtering, and more.

“A security model that includes continuous network monitoring and web filtering helps provide us with protection against any threats and was easy to accomplish with the expert engineers at Trustwave,” said Karen Graham, Crest Savings Bank’s Senior Vice President and Chief Operations Officer. “We have peace of mind knowing Trustwave is monitoring our network activity and systematically blocking any security threats.”

Established in 1995, Trustwave has built a reputation around ensuring security for financial services firms. Its cloud-based platform, TrustKeeper, currently provides businesses in 96 countries around the world access to the company’s cutting-edge technology and strategic security management.

Trustwave’s layered security approach employs risk assessment to help businesses make prudent, strategic decisions. The company’s solutions provide intelligence-based threat management to control online attacks, compliance assurance to meet the latest industry standards, and network monitoring to maintain the highest level of safety. All of this is supported by Trustwave’s philosophy of promoting security awareness and education for their clients.

Comprehensive Suite of Services Keeps Customer Data Safe

It’s no surprise financial services firms find themselves in the crosshairs of cybercriminals. The proprietary and customer data such institutions house is incredibly valuable for those with nefarious intent.

Trustwave’s comprehensive approach to protection provides a shield for the finance industry to guard against these threats. And the company’s risk assessment services play a key role in preventing attacks and locating vulnerabilities.

By identifying network dangers early, Trustwave mitigates threats before they become active and problematic data breaches. What sets Trustwave’s risk assessment services apart is how issues are evaluated as business operations evolve. This real-time approach takes into consideration how business decisions impact security and allows organizations to act accordingly based on an evaluation of ongoing strategic and operational risks.

Trustwave’s holistic approach detects threats early, keeping customer and proprietary data safe.

The Trustwave Secure Web Gateway includes physical and virtual appliances, a cloud platform, and managed security service options, which provide protection against dynamic malware. The company pledges to mitigate 100% of the malware threatening financial institutions with their Zero-Malware Guarantee.

To prevent attacks, Trustwave’s penetration test or “ethical hack” evaluates an application’s or network’s ability to withstand a breach. In a penetration test, an expert (or “ethical hacker”) uses the same techniques as today’s cybercriminals to hack into the network or application. This works to reveal undetected vulnerabilities.

SSL Certificates provide the highest level of security for websites, but managing the thousands of certificates needed across websites can be a challenge for businesses. Trustwave provides enterprise-class Certificate Lifecycle Management that automates many aspects of certificate procurement, tracking, and renewal.

Solutions Built to Fulfill Compliance Regulations

Trustwave provides centralized management for compliance that automates and organizes controls, policies, and procedures across multiple compliance frameworks, including GLBA and PCI.

Larger businesses rely on the compliance manager to increase transparency and accountability throughout the compliance process. This is another real-time solution in the Trustwave toolbox that provides clear and actionable information presented through a single, consolidated view.

Trustwave can address specific compliance issues with advanced services. For example, as the amount of data that businesses generate increases, it becomes more difficult to manage compliance provisions that require it to be protected and monitored. Data Loss Prevention enables businesses to track and secure data at rest and in use to ensure this regulatory compliance.

Another compliance challenge is posed by the Bring-Your-Own-Device (BYOD) policy that most companies implement today. Employees prefer to work on their favorite tablets and smartphones, which complicates securing networks. With its unique network access control solution for BYOD, Trustwave puts control back into the hands of IT administrators and assures compliance.

Trustwave helps monitor and mitigate threats to safeguard networks and ensure regulatory compliance.

It’s necessary for financial institutions to employ authentication solutions, as mandated by the Payment Card Industry Data Security Standard (PCI DSS), FFIEC Authentication Guidance and other regulations. Trustwave’s cloud-based two-factor authentication solutions help secure access to networks and applications, protect users, and address compliance requirements for the protection of regulated data.

Interface with web applications must also be carefully monitored, according to PCI compliance rules. Trustwave’s Web Application Firewall enables continuous monitoring to instantly detect and prevent threats and mitigate the risk of data breaches.

To get a holistic view of threats and the security for compliance, Trustwave’s Security Information and Event Management (SIEM) applications provide broad visibility of a network and improve compliance processes through logging, monitoring, and analysis of events. Similarly, a number of requirements have rules regarding response time to incidents, because a quick and efficient response to an attack can make all the difference. Trustwave’s incident response services provide the ability to quickly respond to attacks and indicate how resources should be used in such responses.

Supporting all Trustwave security is Security Awareness Education. Trustwave instructs employees to follow the best practices in online security, including the safe use of web and social media tools and password management. Security awareness education gives workers the security know-how to help protect against compliance errors and growing risks. This program also helps to build a culture of attentiveness around security issues.

A Centralized, Cloud-Based Platform to Manage Security

All of Trustwave’s services are managed by TrustKeeper, the company’s cloud-based managed security services portal. Trustwave prides itself on being the only security firm to provide a platform that both monitors security on a business network and also links that monitoring to a suite of powerful technology services to maintain security.

Businesses of any size can use Trustwave’s cloud-based platform TrustKeeper to manage security.

TrustKeeper is effective for businesses of all sizes. Small businesses can use the wizards and to-do list to accelerate and track their security and compliance. Larger businesses can automate information security and compliance across complex networks with enterprise-grade managed services.

TrustKeeper provides a suite of Trustwave’s key services, including compliance management, managed security, penetration testing, identity authentication, and many others are on the growing list found within the portal. App integration and common services, like support and online chat, are also included in the comprehensive solution.

Smart Security on Demand Protects 3M+ Enrollees

Trustwave’s unique, industry-leading approach to comprehensive security for financial services has helped more than 3 million users around the world achieve peace of mind. As Karen Graham pointed out, with Trustwave, Crest Savings Bank can enforce its acceptable use policy and gain visibility into employee internet usage. Karen and her customers rest easy knowing email is secured and network bandwidth is optimized – with more than 70% of incoming email identified as spam and blocked before it hits the network gateway.

“Over the years, Trustwave has kept up with security enhancements and made user-friendly changes for reporting,” Karen said. “I can easily login to the TrustKeeper portal to make a request for any needed changes, and it gets taken care of quickly.”

While it’s true the threat levels are high in the financial service industry, institutions are happy to know Trustwave is there to shield against them.

Editorial Note: Opinions expressed here are the author's alone, not those of any bank, credit card issuer, airline or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

About the Author

Sean Garrity

Sean Garrity is a contributing editor at Digital Brands with over 10 years of experience researching, writing, and editing for numerous industry-specific publications. His goal is to help inform stakeholders about the latest trends and technologies in the finance industry. When he isn’t wrapped up reading about the latest solutions for consumers, you can find Sean outdoors, camping and fishing with his wife and two sons.