Fortinet Acquires Next DLP Strengthens its Top-Tier Unified SASE Solution Read the release

Accelerated Deployment for Regulation Compliance

Real-time data protection for compliance and security for Financial Services
Mortgage Insurance

Summary of outcome

Challenge

This financial services customer, post-spinout from a larger entity, needed efficient NIST 800-53 compliance, reduced overhead, and Microsoft E5 compatibility, supporting a positive security culture.
Learn more

Solution

The company sought quick, efficient DLP deployment. Reveal's real-time classification and cloud approach exceeded expectations, ensuring timely, adaptive security solutions.
Learn more

Result

Reveal met rigorous requirements, streamlining NIST compliance, easing policy creation, and enhancing data security. Next's efficient tools bolstered their lean security team's capabilities.
Learn more
crowd walking around

About company

This customer is a mid-market mortgage insurance provider with over 500 employees. As publicly traded company in a heavily regulated industry they must comply with a wide variety of laws and regulations including the privacy and information security requirements of the Gramm-Leach-Bliley, Dodd-Frank, California Consumer Privacy, Virginia Consumer Data Protection, and Fair Credit Reporting Acts. In addition, their internal data governance program holds their team accountable to further data protection goals.

business conversation with hands

Challenge

The company has a mature cybersecurity practice based on National Institute of Standards and Technology (NIST) 800-53. This was developed when the business was a division of a larger organization using a legacy DLP solution.

After its spinout from the larger organization, the company needed a solution with less overhead, but couldn’t sacrifice on data protection or compliance capabilities. The team could not dedicate the same resources from its now smaller security team to manage a legacy solution. This included constantly monitoring, adjusting, and managing granular rules dictating which users could take specific actions and supporting the multiple compliance needs. As a Microsoft E5 customer, they also needed a solution that could ingest Microsoft Information Protection (MIP) sensitivity labels. Finally, the company wanted a solution that would support a security culture.

rubiks cube

Solution

The company’s security team required proof that any solution would enable quick deployment, low overhead, and rapid time to value. They decided to conduct proofs of concept with Next and multiple other established DLP vendors.

Reveal’s approach to DLP differed from those they had worked with previously, but they quicky realized the value in this new approach. Rather than relying on pre-classification of all data within the newly split off enterprise, Reveal identifies and classifies data in real time, as it is created, accessed, or used. Its cloud native approach also better matched the company’s SaaS and cloud-based app environment. Reveal’s feature velocity provided the team with the confidence that the solution was well positioned to address evolving needs.

Once the spin-off dates were set, the organization needed to hit the deployment timeline with minimal room for delays or a lengthy on-boarding and training process. With no onsite HW or SW infrastructure required, the Next team delivered their fully functional data protection platform weeks ahead of schedule.

Result

controls

Active and auditable controls

The team selected Reveal based on its effectiveness in protecting data and meeting the company’s rigorous requirements including both internal governance and external frameworks like NIST 800-53. The team was able to connect the NIST requirements to Reveal’s capabilities including USB controls, (Data Security – Media Protection) to put active and auditable controls around sensitive data.

Download customer story
quickly create and deploy policies

Quickly create and deploy policies

Prior to migrating off their legacy DLP, they constantly struggled with finding talented security professionals to support the solution. Policy creation and modification was a particular challenge, often requiring days or weeks of coding to build and then troubleshoot. With Next the organization was able to create and deploy a policy in minutes.

Download customer story
intuitive management console

Intuitive management console

Reveal’s pre-built policy packs helped the team quickly address their compliance needs while giving them flexibility to modify as needed. When they were part of the larger business, compliance was handled by the global information security team, now they needed a way to fulfill the same compliance needs with a much smaller team. Next saved them hours of work each week with its intuitive management console.
Download customer story
incident based training

Incident-based training

Reveal’s incident-based training helped security teams reinforce corporate policies, enabled users to make safer decisions, and supported their security culture. The solution’s simple deployment and management model and support structure gave the security team confidence that it had a long-term partner in Next.
Click email header 2

See how Next protects your employees and prevents data loss