Having been written up for several security deficiencies in its prior audit, the bank sought to deploy Atakama ahead of its upcoming audit. Although encryption of data at rest was not identified as a deficiency, the bank wanted to be proactive by deploying meaningful security solutions that go beyond the minimum expectations of its regulatory examiners. The bank’s requirements were that the solutions be straightforward to implement, deployed quickly, and not create end-user workflow frictions.
Atakama’s unique distributed key management solution now allows the bank to encrypt at the file level, with each file receiving its own AES 256-bit encryption key. Because of its distributed architecture, Atakama does not rely on user authentication mechanisms, such as identity and access management controls. Regulators are becoming increasingly wary of security solutions that are tied to user authentication, such as encryption solutions that bulk decrypt everything en masse the minute a user successfully enters their login credentials, which is something Atakama squarely addresses. Atakama’s granular encryption solution also provides the bank with a logging feature that will help its compliance requirements, all without impacting how users interact with their files.
Ahead of its annual audit, the bank deployed Atakama’s encryption solution to over 300 of its employees. Instead of relying on full volume encryption, the bank now encrypts its sensitive and confidential files, including non-public PII, at the file level. The bank’s files are now more secure than they ever have been in the past, and Atakama has enabled the client to not only comply with regulations, but impress its regulators in the process.