Forcepoint Case Studies Indian Power Distributor Stays Ahead of Evolving Privacy Regulations

Edit This Case Study Record

	Indian Power Distributor Stays Ahead of Evolving Privacy Regulations Forcepoint

Indian Power Distributor Stays Ahead of Evolving Privacy Regulations

Forcepoint

Technology Category	Cybersecurity & Privacy - Cloud Security Cybersecurity & Privacy - Database Security Cybersecurity & Privacy - Network Security
Applicable Industries	Utilities
Applicable Functions	Business Operation
Use Cases	Cybersecurity
Services	System Integration Testing & Certification
Challenge	The power distributor provides energy to five power companies across an Indian state with a population of more than 25 million people. Managing the state’s power also means securing the personal and financial data of individuals and business customers. The company manages customer bill pay, consumer feedback, and more—which means that it acquires a sizeable amount of data, from customer names and contact information to invoicing details and power usage trends. In the wrong hands, this data can potentially be used to commit fraud or theft. While the company’s data stores increase, India’s attitude toward data protection is evolving. In August 2017, the country’s Supreme Court ruled privacy was a fundamental human right, spurring work on a nationwide personal data protection bill. While that bill has not yet been enacted, businesses see increased regulation of private data on the horizon and know they will likely need strong regulatory compliance processes very soon. The power company first engaged Forcepoint after reaching an impasse with a web security solution that wasn’t effective or flexible enough to meet its needs. The incumbent web security solution would bypass the URL filter, allowing users to access unauthorized sites. Separate URL filtering and web proxy point products caused a second challenge: the products were meant to work together but dependencies between them meant upgrades to one product would cause the other product to stop working—leading to support and management issues. In addition to these functionality and integration issues, the security product’s category database was less than comprehensive, with multiple categories missing. And a complex update process made it difficult to revise. Read More
About Customer	The customer is a state power distributor in India that provides energy to five power companies across a state with a population of more than 25 million people. The company is responsible for managing the state's power, which includes securing the personal and financial data of individuals and business customers. The company handles customer bill payments, consumer feedback, and more, which means it collects a significant amount of data, including customer names, contact information, invoicing details, and power usage trends. This data, if misused, could potentially be used to commit fraud or theft. As India's attitude towards data protection evolves, the company is looking to strengthen its privacy protections and stay ahead of potential government regulations. Read More
Solution	The power distributor turned to Forcepoint for comprehensive web security with real-time protection and seamlessly integrated URL filtering. With Forcepoint Web Security, the organization could apply policies by user role, content, and/or protocol instead of simply applying black-and-white policies. In addition, the solution has a powerful category database with more groups than the previous product, and ease of management makes it simple to add more. The threat dashboard built into Web Security helps the distributor see the entirety of the threat and security ecosystem as well as understand its own areas of vulnerability. As a bonus, Forcepoint Web Security provides visibility into Shadow IT and allows the company to easily block or allow specific cloud applications on a case-by-case basis, to better protect data from the additional risks that come with moving data outside the network. A recent risk assessment conducted by the organization and Forcepoint identified several incidents indicating data vulnerabilities. To prevent these issues in the future, the organization decided to get closer to user activity and better protect critical data, regardless of location, with Forcepoint Data Loss Prevention (DLP) and Forcepoint Insider Threat. With Forcepoint DLP, the organization will gain visibility into data movement and be able to prevent the kinds of incidents discovered in the risk assessment—confidential or proprietary information being sent to personal email addresses—and more. And Forcepoint Insider Threat provides more context into user interactions with data, so the organization can determine intent and better understand the level of risk associated with each event. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Cloud Security

Cybersecurity & Privacy - Database Security

Cybersecurity & Privacy - Network Security

Applicable Industries

Utilities

Applicable Functions

Business Operation

Use Cases

Cybersecurity

Services

System Integration

Testing & Certification

Challenge

The power distributor provides energy to five power companies across an Indian state with a population of more than 25 million people. Managing the state’s power also means securing the personal and financial data of individuals and business customers. The company manages customer bill pay, consumer feedback, and more—which means that it acquires a sizeable amount of data, from customer names and contact information to invoicing details and power usage trends. In the wrong hands, this data can potentially be used to commit fraud or theft. While the company’s data stores increase, India’s attitude toward data protection is evolving. In August 2017, the country’s Supreme Court ruled privacy was a fundamental human right, spurring work on a nationwide personal data protection bill. While that bill has not yet been enacted, businesses see increased regulation of private data on the horizon and know they will likely need strong regulatory compliance processes very soon. The power company first engaged Forcepoint after reaching an impasse with a web security solution that wasn’t effective or flexible enough to meet its needs. The incumbent web security solution would bypass the URL filter, allowing users to access unauthorized sites. Separate URL filtering and web proxy point products caused a second challenge: the products were meant to work together but dependencies between them meant upgrades to one product would cause the other product to stop working—leading to support and management issues. In addition to these functionality and integration issues, the security product’s category database was less than comprehensive, with multiple categories missing. And a complex update process made it difficult to revise.

About Customer

The customer is a state power distributor in India that provides energy to five power companies across a state with a population of more than 25 million people. The company is responsible for managing the state's power, which includes securing the personal and financial data of individuals and business customers. The company handles customer bill payments, consumer feedback, and more, which means it collects a significant amount of data, including customer names, contact information, invoicing details, and power usage trends. This data, if misused, could potentially be used to commit fraud or theft. As India's attitude towards data protection evolves, the company is looking to strengthen its privacy protections and stay ahead of potential government regulations.

Solution

The power distributor turned to Forcepoint for comprehensive web security with real-time protection and seamlessly integrated URL filtering. With Forcepoint Web Security, the organization could apply policies by user role, content, and/or protocol instead of simply applying black-and-white policies. In addition, the solution has a powerful category database with more groups than the previous product, and ease of management makes it simple to add more. The threat dashboard built into Web Security helps the distributor see the entirety of the threat and security ecosystem as well as understand its own areas of vulnerability. As a bonus, Forcepoint Web Security provides visibility into Shadow IT and allows the company to easily block or allow specific cloud applications on a case-by-case basis, to better protect data from the additional risks that come with moving data outside the network. A recent risk assessment conducted by the organization and Forcepoint identified several incidents indicating data vulnerabilities. To prevent these issues in the future, the organization decided to get closer to user activity and better protect critical data, regardless of location, with Forcepoint Data Loss Prevention (DLP) and Forcepoint Insider Threat. With Forcepoint DLP, the organization will gain visibility into data movement and be able to prevent the kinds of incidents discovered in the risk assessment—confidential or proprietary information being sent to personal email addresses—and more. And Forcepoint Insider Threat provides more context into user interactions with data, so the organization can determine intent and better understand the level of risk associated with each event.

Impact #1	The organization has been able to leverage its strong relationship with Forcepoint to evolve its security practices into a comprehensive strategy for data protection.
Impact #2	The company is now integrating Forcepoint Data Loss Prevention (DLP) and Forcepoint Insider Threat to increase visibility and context into user-data interactions, and Forcepoint NGFW to provide strong network protection for data centers.
Impact #3	The combined solution provides powerful visibility, context, and control, to better prepare to comply with future regulations.

Impact #1

The organization has been able to leverage its strong relationship with Forcepoint to evolve its security practices into a comprehensive strategy for data protection.

Impact #2

The company is now integrating Forcepoint Data Loss Prevention (DLP) and Forcepoint Insider Threat to increase visibility and context into user-data interactions, and Forcepoint NGFW to provide strong network protection for data centers.

Impact #3

The combined solution provides powerful visibility, context, and control, to better prepare to comply with future regulations.

Download PDF Version

Overview

Indian Power Distributor Stays Ahead of Evolving Privacy Regulations

Operational Impact