BRAC Bank Secures the Sensitive Information of its Small and Medium Enterprise Customers with Forcepoint
Forcepoint DLP helps BRAC Bank minimize the risk of data loss, and maintain
the trust of its customers, by tracking and controlling how data moves inside and outside the organization.
Bangladesh’s rising SME sector relies on BRAC Bank’s visionary banking solutions to provide an impetus to the country’s economic growth and employment opportunities. This also means entrusting the bank with its data confidentiality. BRAC Bank turned to Forcepoint DLP to plug all data leaks and protect its sensitive customer data, upholding the trust placed by its customers.
Prevent leakage of confidential customer and corporate data.
Implement Forcepoint Data Loss Prevention.
- Gain complete visibility over classified and confidential data.
- Ability to track and control what data goes out of the organization.
- Ensure the protection of sensitive customer data and safeguard the trust placed in the bank by its customers.
Until 2001, Small and Medium Enterprise entrepreneurs (SMEs) in Bangladesh had a big challenge: while they desired to start businesses that would help grow the economy and provide crucial employment opportunities, it was almost impossible to get the financing needed from the country’s existing banks. Inspired by their parent organization BRAC, the largest NGO in the world, the visionary founder of BRAC Bank, Sir Fazle Hasan Abed KCMG, stepped in to provide banking solutions for the ‘unbanked’, allowing an untapped entrepreneurial market to take off. BRAC Bank’s massive growth and rise to one of Bangladesh’s largest private commercial banks within two decades of existence is largely owing to this vision of serving the unbanked and bringing grassroots entrepreneurs under the umbrella of formal banking. With the majority of its lending portfolio comprising of SMEs, BRAC Bank is instrumental in driving this key pillar growth and employment for Bangladesh’s economy. It is also entrusted
with protecting the critical and sensitive data of the millions of entrepreneurs it helps succeed.
Lack of visibility and control raise data leakage concerns
As the custodian of the confidential data of its over 2 million customers, protecting this data is not only a regulatory requirement for BRAC Bank but also a business imperative as its customers’ trust and the bank’s brand reputation are dependent on it. “The most important thing that we are trying to protect, besides customer data confidentiality, is the reputation of BRAC Bank, which is priceless for us,” said B. M. Zahid-ul Haque, Head of Information Security, BRAC Bank Ltd. “A successful data breach can have widespread effects that could not only negatively impact our customers and investors but also severely damage—if not destroy—the bank’s reputation.”
A key challenge for the bank in ensuring the security and integrity of its data was a lack of visibility and control over classified data across the organization. This meant that confidential data could be shared over email or instant messenger, copied to a USB drive, or printed without the bank being alerted. This opened up the risk of data loss through the unauthorized transmission of data, whether accidentally or deliberately, from within the organization to outside.
Plugging those potential data leaks allowed by unauthorized data sharing was a major goal for the bank. “We realized that having enhanced policies and controls in place to reduce the risk of sensitive data leaking outside the organization was strategic to data protection and building a robust security posture,” explained Haque.
Plugging the data security gap with next-gen DLP
To address the challengze and minimize the risk of data loss, B. M. Zahid-ul Haque and his team started evaluating multiple Data Loss Prevention (DLP) solutions available in the market on several parameters. This included the RFP response, functional comparison, security, scalability, presentation outcome, proof-of-concept outcome, OEM reputation, support, user feedback, market reviews and cost parameter among others.
“We wanted a DLP solution that not only provides us with a higher level of security but also greater visibility, control, and adaptability. With its track record of continuous innovation and laser-focus on next-gen DLP, Forcepoint sets the standard for DLP technology in the industry. Therefore, it was the match with our requirements,” said Haque.
BRAC Bank formed a team internally that worked closely with Forcepoint and its implementation partner for the smooth, phased rollout of the DLP solution. Integration with existing systems was key, which was managed successfully with the support and co-operation from the top management.
Gaining complete visibility and control over confidential data
Forcepoint DLP has helped BRAC Bank identify, track and secure all types of classified and confidential data. It restricts any outside communication of specific/classified files on the internet and intranet as well as network channels like email, clients, FTP, https, SMB protocol, IM application, webmail, etc.
Covering all its enterprise resources, including desktops, client-server, printers, email applications and servers, websites and SharePoint as well as portable storage like USB, CD/DVD, home storage, smartphones and tablets, Forcepoint DLP has helped the bank gain complete visibility, investigative capabilities and holistic view of classified data across the entire organization.
Forcepoint DLP has brought a certain level of maturity into the BRAC Bank security landscape. The level of control Forcepoint provides over what data goes out of the organization through all possible channels has given us the confidence to know that we're preventing loss of private data. This has helped strengthen our relationship with our customers by justifying the trust they have placed in us,” Haque concluded.