The Ministry of the Interior of Austria has deployed the latest release of Teleran’s Data Protection and Compliance software solution to address strict Federal and EU data security laws.
The Ministry manages a diverse portfolio of critical tasks from fighting crime, terrorism, and corruption to addressing immigration, asylum, civil protection and airport security. Because of its broad mandate and the sensitive nature of the data it handles, the Ministry is required by federal and European Union (EU) data protection and compliance laws to monitor and protect the access and use of sensitive data. This is no small task considering that there are over 50 classifications of sensitive data which the Ministry maintains in their complex mix of IBM DB2 mainframe and Microsoft SQL Server database environments. In addition, the federal data security law requires that the actual data requested be recorded and stored along with the other usage metrics described above for potential future forensic analysis.
Teleran’s solution enables the Ministry to maintain a continuous and detailed audit of sensitive data requests including the name and ID of the requester as well as what data is being accessed, with what application, when and from where. Teleran’s powerful Identity Persistence™ feature captures who the information requester is despite “user-masking” facilities like connection pooling and the use of proxy database log-ins at the application layer.
The Teleran system also captures and stores, in a storage-efficient XML format, the actual sensitive data delivered back to the user. Teleran’s solution allows Ministry compliance staff to flexibly analyze usage activity across all 50 sensitive data classifications to ensure ongoing compliance and protection. Teleran’s real-time data protection policy manager will enable the Ministry to protect their broad range of sensitive data from inappropriate or malicious access going forward. The policy manager uses patented AI techniques to evaluate information requests and either block inappropriate requests or mask sensitive data on-the-fly.
