overlay-image

Financial Services Provider Partners With Proofpoint to Keep Customer Information Safe and Ensure Compliance

The Challenge
  • Meet industry compliance requirements
  • Keep customer data secure
  • Strengthen trusted brand for customers
The Solution
  • Proofpoint Endpoint Data Loss Prevention
  • Proofpoint Insider Threat Management
  • Proofpoint Cloud App Security Broker
  • Proofpoint Targeted Attack Protection
The Results
  • Strengthens financial services compliance by preventing data loss at the endpoint and in the cloud
  • Increases security posture with real-time detection of risky behavior
  • Protects cloud collaboration with policy-based access controls

The Challenge

Ensuring Trust and Integrity for Financial Customers

Based in Chicago, Avant is a credit-first financial technology company that provides access to financial solutions, such as personal loans and credit cards that meet customers’ needs wherever they are on their financial journey. The company puts customers at the core of its mission, and relies on its IT infrastructure to deliver a superior experience. Keeping sensitive personal and financial data safe is top of mind for the Avant IT team.

“As a financial company, our main concern is the proper handling of customer information,” said Nick Janich, security engineer at Avant. “There are very heavy fines for companies when a breach happens, or if the organization or an employee mishandles information.”

Avant is constantly looking for ways to better protect its data and meet industry compliance obligations. Since many threats come from inside an organization, Janich and his team wanted to monitor Avant’s 300 customer service professionals. They knew they could strengthen security by detecting out-of-policy behavior.

“Our representatives routinely handle customer information, which is highly sensitive data for a financial services organization like ours,” said Janich. “We needed a solution that would allow us to monitor what they’re doing with it; ensure they aren’t saving it or uploading it to a third-party site; and create a process to take action if sensitive information is sent outside the company.”

Collaboration is important at Avant, so the team also wanted to be sure that its employees safely shared data via cloud applications.

“Another big thing we worry about is mishandling data,” said Janich. “A lot of our data and documents live in our Google Workspace environment, and we worry about people accidentally sharing entire folders with financial and personal information, when they actually intend to share just a single file.”

Avant needed a cloud data protection solution that could be customized to align to its specific processes and protect its customers.

“Proofpoint provides us with pre-built libraries and the ability to create rules around them to align to our processes and safely handle customer data. I feel like I can sleep better at night, knowing that we don’t have random sets of information being sent over unapproved mechanisms.”

Nick Janich, security engineer, Avant

The Solution

Staying Steps Ahead for Compliance

After considering several solutions, Janich and his team chose a complete endpoint protection solution from Proofpoint. Avant deployed Proofpoint Endpoint Data Loss Prevention (DLP) and Proofpoint Insider Threat Management (ITM) to 300 customer service agents offsite.

“Proofpoint was by far the best product that we looked at,” said Janich. “It was something that we were very desperate for, and it was really a comprehensive solution.”

Providing a people-centric approach to managing insider threats and preventing data loss at the endpoint, Proofpoint DLP and ITM help Janich and his team identify risky user behavior and sensitive data interaction, while quickly responding to incidents. With a lightweight endpoint agent, Proofpoint provides deep visibility into user activity. Setup was easy using the solution’s out-of-the-box libraries of alerts, and Avant was also able to implement its own rules to address specific risks and meet Payment Card Industry (PCI) compliance standards.

“Proofpoint lets us set up rules to prevent unauthorized sharing of sensitive information, such as social security and credit card numbers,” said Janich. “We have also tailored the solution to watch for customer terms that we use around potentially sensitive information.”

To extend the scope of its protection, Avant also deployed Proofpoint Cloud App Security Broker (CASB). This solution offers visibility into cloud threats, data loss prevention and risky cloud app usage.

“With Proofpoint CASB and data classification tools, we were able to implement a ‘trust, but verify’ approach to collaboration,” said Janich. “We’re able to verify where people are sending these files, where they’re saving them, how they’re accessing them, who is accessing them, and whether they are shared. We can also modify the alert rules to exclude situations where we are sharing files and emails with a partner company.”

The combined solution also provides the team with insights into user logins, application subscriptions and other activities.

“We have rules around suspicious logins and countries. And we have established our own rules to prevent downloads of Tor browsers, as well as access to inappropriate web sites and social media.”

To provide strong protection against external threats, Avant also installed Proofpoint Targeted Attack Protection (TAP). Proofpoint TAP helps the organization detect, analyze and block email threats before they reach user mailboxes.

The Results

Minimizing Liability and Maximizing Compliance

With Proofpoint endpoint data loss prevention and CASB, Janich and his team have gained an unprecedented level of insight into how employees are working with data. And that allows them to take a more proactive approach to minimizing risk.

“With Proofpoint, we can see and lock down exactly what our users are doing and make sure that we have some of these guardrails in place,” said Janich. “We’ve been able to fully customize the solution to fit our specific needs. For example, we can track whether people are sending data like passwords, API keys or tokens via unapproved methods like Slack. These activities might seem like a convenient shortcut. But if you’re doing them at the wrong time, they could lead to a system compromise or a potentially exposed secret.”

The stakes are high for breaches of customer information. So having effective security controls in place helps Avant avoid compliance issues that could not only impact its reputation, but its finances.

“We are subject to fines on every violation find per record— and a single email might have multiple instances of sensitive information. This includes social security and credit card numbers, and personally identifiable information (PII). So the liability could add up quickly for even a minimal number of email breaches.”

The Proofpoint Endpoint DLP and ITM solutions also provide valuable insights that help detect risky behavior and prevent data exfiltration during personnel changes.

“We have had incidents where an employee has left the company—sometimes not on the best of terms,” said Janich. “Proofpoint creates a timeline for us that shows a user’s data interactions, so we can see what they were doing before their employment status changed—and what they did after. It helps us make sure that they didn’t take any data with them that they shouldn’t have.”

The advanced reporting capabilities of Proofpoint TAP also give the Avant executives insights into the company’s overall security posture. This helps Janich and his team justify expenses and plan more strategically.

“Our executives love the TAP metrics that detail which threat actor groups are emailing us, their tactics and how many of those emails are being auto blocked,” he said. “We had a presentation during cybersecurity month, and we saw a lot of ‘shock and awe’ when we presented all the potential threat actors and how many malicious emails we were handling on average per month.”

Together with Proofpoint, Avant is committed to strengthening its trusted environment and to empowering its IT team to create more innovative financial services products.

Download Customer Story