NeoScale

Chartered in 1973, San Francisco-based Spectrum Federal Credit Union serves over 12,000 members and more than fifty Select Employee Groups (SEG). Two of their larger SEG partners are the well-known brokerage firm of Charles Schwab, and the world’s largest construction company Bechtel. With such sophisticated and technologically-savvy partners, the credit union wisely draws on these tremendous resources to help them with their technology planning and implementations. When the issue arose of how to protect their members’ personal data residing on backup tapes, Spectrum FCU took no chances – they and their Technical Advisory Board made the decision to encrypt this important information with the help of NeoScale Systems, an undisputed leader in this emerging market.

Storage Security Challenges

When you consider that Spectrum FCU’s mission statement is "to ensure members' trust by providing excellent financial products and services," it makes perfect sense that they would insist on encrypting any sensitive data that leaves their facilities. The fact is that unencrypted data that moves between credit union branches is always going to be subject to some level of risk. It makes no difference whether a tape goes astray due to some courier's lackadaisical attitude, administrative incompetence, or outright theft, the results are disastrous. Not only will it be a public relations nightmare for the credit union, it can result in serious litigation issues. Unfortunately, there are no shortages of large and small organizations that have made the headlines recently due to losses of backup tapes.

Audit and Regulatory Compliance

Being located in California, Spectrum FCU faces another regulatory hurdle: California Senate Bill 1386, which is designed to protect consumers' personal information. California, along with a couple of dozen other states, compels organizations to publicly notify customers when data has been lost. Even if Spectrum was not located in one of the “lost data disclosure” states, all federally insured credit unions must disclose breaches to their members thanks to Appendix B of the NCUA Rules & Regs Part 748. Finally, even if they were not federally insured, disclosure is the right thing to do and will most likely be mandated in all fifty states by an act of Congress in the near future.

The Solution

With over fifteen years of experience working at the credit union in various positions, Cheryl Johnson knows firsthand the importance of protecting sensitive member data. As Data Processing Manager at the credit union, Cheryl and her fellow IT worker Manuel Silva have their hands full supporting far flung employees located at two branches in Maryland, one in Houston and one in San Francisco. She explains that “we needed a tape encryption system that was easy to install, maintain and administer. We found all of those things with NeoScale Systems.” 

With the help of their data processor provider Harland Financial Solutions and technology vendor Ex-Cel Solutions, the $120M asset credit union installed a NeoScale CryptoStor® Tape appliance between their in-house UltraData core system and their IBM external tape drive. The system is managed via NeoScale’s intuitive Web-based interface. Cheryl points out that “it was a seamless tie into our UltraData system – it was completely painless!” With the NeoScale hardware encryption appliance in place, the credit union has no worries about their tapes as they move across the country – if one were to go missing, there are no notification issues because all of the state and federal regulations specifically exempt encrypted lost data from consumer notification requirements.

Purpose-built Appliances Providing Wire-speed Encryption

If a relatively small credit union such as Spectrum FCU can afford to encrypt their data, why aren’t more credit unions – especially larger credit unions – encrypting their data? It turns out that resistance to encryption is fairly common for two main reasons: 1) organizations are concerned that encryption slows performance, and 2) managing encryption keys makes many people nervous. NeoScale has successfully addressed both of these concerns in powerful and unique ways. Because NeoScale appliances are purpose-built to encrypt data over a storage network or at-rest on disk, virtual tape, or tape media, it handles the encryption process at wire speed with no performance bottlenecks whatsoever. 

Industry’s First Secure, Automated, Open Encryption Key Management

In regards to managing encryption keys, NeoScale's CryptoStor KeyVault™ appliance, the industry’s first open-security key management system, can create encryption keys, distribute them off-site for business continuity, archive them safely for years, share them with trusted sources, and delete them when necessary. Plus because NeoScale offers an open application programming interface, the appliance can connect to any data-storage device. In other words, it is a complete, end-to-end key management system that relieves IT Departments of all of the hassles traditionally associated with managing keys.

Looking back over the project, Cheryl is pleased to report that “it was so easy to work with the NeoScale system because it runs efficiently in the background. It really is the easiest and most cost effective way to encrypt our tapes.” When asked what she would tell other credit unions about installing a NeoScale appliance, Cheryl says that “the system works fine and is well worth the investment.”