In this week’s Field Insights we turn to Unisys’ Cloud Consulting Practice lead, Zaid Doleh, to offer insights regarding the New York Department of Financial Services (NYDFS) cybersecurity regulations and how he’s helping clients achieve cybersecurity compliance with a CASB solution.
Are your clients prepared to meet the NYDFS requirements?
Enterprises should consider an approach to truly secure the organization above and beyond just meeting compliance. Our Consulting & Advisory practice at Unisys has been helping organizations improve their cloud security posture and comply with many types of regulatory and compliance mandates including NYDFS and GDPR.
When taking a look at how to achieve NYDFS security compliance, you need to look at CASB solutions. There is a huge cloud transformation taking place in the market. One of my clients, a Fortune 500 Financial Services Company is going through this transformation as they move to the cloud and adopt software as a service for their enterprise. I expect this trend to accelerate, and as this happens, a CASB becomes more essential to ensure enterprises are securing their data in the cloud.
NYDFS is top of mind for CISOs of financial services companies and clients I work with regularly. In order to respond to our client’s business challenge, we needed a CASB vendor compliant with NYDFS. Netskope was the only CASB vendor that understood the NYDFS requirements and what it means for enterprises who have a large amount of their critical business data in the cloud.
What approach do you recommend to clients?
Assess your policies and processes – Although you may have portions of the regulations already in place, it’s imperative that your organization assess current policies and practices for readiness, then create a plan to implement the phased requirements.
The regulation requires encryption methods for data, requiring encryption for data both in transit and at rest. For one of my clients, A Fortune 500 Financial Services Company, encryption was the most important factor in complying with NYDFS.
Can you talk more about your client’s requirements?
Fortune 500 Financial Services Company adheres to NYDFS 500.15: Encryption of nonpublic information with Netskope
A leading Financial Services Company needed a solution to adhere to NYDFS 500.15, requiring encryption controls to protect nonpublic information. They wanted to encrypt the sensitive data in their SaaS environments, both at rest and in transit. They have implemented Netskope across their enterprise to encrypt data at rest in their sanctioned cloud services and in real time to data in transit to cloud services.
Plans to expand use of Netskope
Netskope can help tackle more than just the encryption requirement in the NYDFS regulation. For a full list of how Netskope can help tackle the requirements read this Checklist. This enterprise also plans to expand their use of Netskope to other cloud services including Microsoft Office 365. Netskope – the only CASB to receive Microsoft Gold Cloud Productivity Partner status – enhances Office 365 security by helping you understand and control risky activities across the Office 365 suite of services, protect sensitive data, and stop cloud threats.
For more information about Netskope visit: https://www.netskope.com
For more information on Unisys visit:
http://www.unisys.com/offerings/infrastructure-transformation
