US-based banking and financial services company with strong presence in retail banking and credit cards businesses. Processes and millions of transaction per year.
The firm was facing a challenge to ensure continued compliance with PCI-DSS as it pertains to handling of credit card data. Specifically, the firm was looking for a technology to monitor employee activity to assist with:
- Identifying workflow involving credit card data.
- Enforce strict rules in terms of handling and storage of credit card data in the appropriate systems.
- Gain forensic evidence of all credit card handling activity in the event of non-compliance.
- Ensure best practices by identifying and preventing any non-compliant handling of credit card data.
Implement a transparent solution that would allow monitoring of all activity related to handling of credit card data, while ensuring compliance and capturing any non-compliance activity for non-compliance audit and reporting capabilities.
The firm was able to see improvements in the following areas:
- Better understanding of credit card data handling restrictions and requirements by users.
- Full audit trail of all credit card related transactions.
- Availability of forensic data (video) in the form of user session recordings to identify challenges and educate the user population and report on non-compliance.