Case study: Top New Zealand Bank CipherCloud│www.ciphercloud.com

Top New Zealand Bank Case Study

New Zealand Bank Moves Customer Applications to the CloudCipherCloud Assures that Private Data in Salesforce Meets Strict New Zealand Privacy Laws

Quick Facts� Headquarters: Auckland, New Zealand� Industry: Banking� Products: Banking services� Employees: 5,000+� Years in business: Over 150

Challenges� Safeguard external banking applications

in the public cloud� Prevent unencrypted data and restrict

offshore access to customer records� Key Regulations: APRA & NZ Privacy Act

Solution� CipherCloud for Salesforce� Applied AES 256-bit encryption to:

◊ 100 Salesforce & Chatter fields◊ 2 million+ records◊ Selective PII fields of offshore data

� Transparent solution for 1,000 users first go, 4,000 planned

Top Benefits� Enabled major cloud collaboration

initiative while assuring compliance with NZ laws

� Met aggressive customer deployment timelines despite major disruption from earthquake

ChallengeThis major bank of New Zealand has been a respected fixture for as long as anyone in New Zealand can remember, going back to the days of New Zealand’s nineteenth century Gold Rush. With the same level of determination that saw them through world wars and world-changing technologies, this company continues its commitment to providing world renowned financial services to its global community.

Part of that commitment recently meant transforming their banking practices by migrating their external banking applications to the public cloud. First, they had to be certain they could meet New Zealand’s—and global—privacy regulations that restrict storing unencrypted customer records offshore.

Requirements The bank’s priorities were to reduce internal infrastructure, while enabling their work force to collaborate and share customer data conveniently, while assuring security, privacy, and legal compliance.

Salesforce (SFDC) was their CRM platform of choice because of its flexibility, scalability and cost-effectiveness. However, Salesforce servers and infrastructure reside outside of New Zealand, and largely in the US, raising legal concerns. Before they could leverage the benefits of a cloud-based CRM system they had to:

image: lifacolor

CipherCloud is the industry leader in cloud information protection, enabling organizations to securely adopt cloud applications by overcoming data privacy, residency, security, and regulatory compliance risks.

The award-winning CipherCloud Platform has been deployed globally by Fortune 1000 companies in banking, insurance, healthcare, hi-tech, and government.

CipherCloud protects over:2.0 million users250 million records10 industries15 countries6 languages

Products protected:SalesforceForce.comChatterBoxMicrosoft Office 365Google GmailAmazon Web ServicesAny cloud applicationDatabases

For more information:1-855-5CIPHER(1-855-524-7437)www.ciphercloud.cominfo@ciphercloud.comTwitter: @ciphercloudCorporate headquarters:99 Almaden Blvd.San Jose, CA 95113

©2013–2014 CipherCloud. All trademarks are property of their respective owners.CC-CS-07-140110

� Assure compliance with APRA (Australian Prevention and Recovery Administration) & NZ Privacy Act mandates

� Integrate security for their CRM and email applications with up to 2 million existing records

� Work with third-party applications, including IBM Data Stage, Cig-IP-SSO and RIVA-Lotus Notes

SolutionThe security capabilities that CipherCloud for Salesforce provides fit the bill for this bank. The solution starts with AES 256-bit encryption, and includes tokenization, malware detection and monitoring of information before it gets to the cloud. Customers can define which fields, and as many as they want, to encrypt as they wish per their required level of granularity. The bank applied encryption to over 100 SFDC fields, 2 million+ records, and selective PII fields stored offshore.

None of these security measures impacts their users – it’s all transparent to them, whether on desktops, web browsers, or mobile smartphones and tablets. As standard practice, this bank requires ownership of their encryption keys, which CipherCloud always makes a part of their solutions to meet compliance regulations and general safety practices. Even if information were compromised, no one without keys can read it.

BenefitsThe bank completed this major cloud initiative for their employees and assured compliance with New Zealand laws under an aggressive timeline, even with a major and difficult disruption from a local earthquake.

Able to encrypt selective PII fields for customer data stored offshore….”“

Supports unstructured Chatter posts and attachments.