400 S El Camino Real Suite 1050, San Mateo, CA 94402
SYMMETRY CUSTOMER CASE STUDY

Leading Fintech Accelerates PCI DSS 4.0 Compliance with Symmetry Systems

ABOUT


Industry:
Fintech


Size:
1K – 3K employees


Cloud Services:

  • AWS CloudTrail
  • AWS RDS
  • Amazon S3
  • DynamoDB
  • MySQL
  • PostgreSQL
  • Greenplum

ABOUT CUSTOMER


The customer is a prominent provider of cloud-based digital banking solutions for financial institutions across the United States. Their platform enables clients to grow confidently, adapt quickly, and build thriving digital communities. The solutions span retail and business banking, digital account opening, payment security, and data analytics and marketing.

Serving a diverse clientele—including community banks, regional banks, and credit unions—the company empowers financial institutions to transform their operations securely and efficiently. Recently, they were recognized in a leading industry ranking of top fintech companies.


The Challenge

Legacy tools fall short of PCI DSS 4.0’s data security demands.

As a leading provider of digital banking services, the organization recognized the urgent need to strengthen its data security posture in response to the evolving regulatory landscape. The forthcoming PCI DSS 4.0 standards introduced stricter requirements for protecting cardholder data and maintaining secure environments, which presented a significant challenge.
Although the company had invested in database activity monitoring and security tools, these solutions fell short in providing the contextual insights and granular control needed to manage their diverse and sensitive data landscape effectively.

Key challenges included:

  • Regulatory Compliance: Ensuring alignment with PCI DSS 4.0, particularly the continuous monitoring and validation requirements.
  • Operational Impact: Implementing enhanced security measures without disrupting critical transactional systems.
  • Comprehensive Visibility: Gaining detailed insights into data flows, access patterns, and the status of sensitive assets across a wide range of data stores.
  • Balancing Needs: Navigating the priorities of security, compliance, and operational teams to deliver a solution that satisfied all stakeholders without extending the compliance boundary unnecessarily.

The Goal

The company’s security team sought to deploy a modern data security solution that would:

  • Integrate seamlessly into their existing cloud infrastructure.
  • Provide coverage of all data stores and data lakes within their environment.
  • Provide visibility and control over sensitive data, including cardholder data subject to PCI DSS 4.0.
  • Provide a more holistic data security platform.
  • Not introduce additional compliance headaches by transferring data outside the compliance boundary.
  • Minimize operational disruptions to ensure critical systems remain fully functional and efficient.

The team faced a delicate balancing act. They needed a solution that would enhance compliance and security while maintaining operational efficiency, avoiding unnecessary costs, and ensuring a smooth collaboration with product teams and site reliability engineers (SREs).

The Choice

Why Symmetry

The company selected Symmetry’s Data Security Posture Management (DSPM) solution because it addressed their unique requirements with an innovative approach:

  • Deployment Model: Symmetry’s solution was able to operate entirely within the customer’s environment, thereby inheriting all existing production controls and ensuring uncompromised data security. This approach aligned with the organization’s stringent security and compliance requirements.
  • Custody and Control of Data at All Times: Unlike other DSPM solutions that require data ingestion or metadata extraction, Symmetry’s approach avoids the transfer of sensitive data outside their control.
  • Data Store Coverage: Symmetry was able to cover the majority of the customer’s data stores, identity providers, and log sources out of the box, and developed connectors for the gaps within weeks of deployment.
  • Minimal Operational Impact: By leveraging existing snapshots of data stores and log stores for analysis, Symmetry eliminated the need for direct access to production databases. This ensured zero performance impact on critical systems—an essential consideration for the product and SRE teams.
  • Enhanced Visibility: Symmetry’s ability to analyze logs and provide detailed insights into data access patterns offered unparalleled visibility without disrupting ongoing operations.

These features made Symmetry an ideal partner for improving the company’s data security posture while addressing the specific challenges posed by PCI DSS 4.0.

The Outcomes

The Outcomes: PCI DSS 4.0 Ready & Cost Savings in the Bank

Symmetry’s DSPM solution delivered measurable results, transforming the company’s compliance readiness, data management, and data security detection and response.

Data Discovery and Inventory

Symmetry enabled the organization to uncover unknown accounts, data stores, and identities, reconstructing historical data flows to gain a complete inventory as required by PCI DSS 4.0. This led to a complete reduction in unknown accounts and improved oversight and coverage of the entire environment.

Continuous Monitoring

The leading fintech leveraged Symmetry’s flexible data access policy engine to enable the continuous monitoring they desired of data, identities, and related data flows from the CDE. Key improvements to ensure compliance with PCI DSS 4.0’s continuous monitoring mandates included:

  • Real-time monitoring of cardholder data and data flows across the environment.
  • 100% MFA compliance for administrative identities.
  • Detection and mitigation of unauthorized cross-account data flows.

These capabilities provided continuous visibility and proactive remediation, maintaining the integrity of the compliance environment.

Data Management and Cost Optimization

Dormant and redundant data stores were also identified, reducing inactive stores by 63% and eliminating over 5TB of unnecessary data. This optimization streamlined resource management and minimized security risks.

“Symmetry helped my team accelerate PCI DSS 4.0 compliance, lock down our sensitive financial data, identify dark data (which lead to inflated cloud costs) and take control of our data management—giving us the confidence to keep innovating for our fintech clients.”

CISO, Leading Fintech

About Symmetry Systems

Symmetry Systems is the Data+AI Security Company. We safeguard data at scale, detect threats, ensure compliance & reduce AI risks, so you can Innovate with Confidence.  Our Data Security Posture Management platform is engineered specifically to address modern data security and privacy challenges at scale from the data out, providing organizations the ability to innovate with confidence. With total visibility into what data you have, where it lives, who can access it, and how it’s being used, Symmetry safeguards your organization’s data from misuse, insider threats, and cybercriminals, as well as unintended exposure of sensitive IP and personal information through use of generative AI technologies. 
