Download PDF
Multinational Hotels Company Enables Google Apps While Ensuring PCI Compliance with Google Apps and Netskope
Technology Category
- Application Infrastructure & Middleware - API Integration & Management
- Cybersecurity & Privacy - Cloud Security
Applicable Functions
- Business Operation
Use Cases
- Regulatory Compliance Monitoring
- Remote Collaboration
Services
- Cloud Planning, Design & Implementation Services
- Cybersecurity Services
The Challenge
The multinational hotel group, a long-time Google Apps customer, underwent an internal security audit. The audit highlighted the cloud as an area where there was very little visibility, particularly concerning PCI. The company's customer support operations and corporate employees often interact with consumers and business guests, taking customer information such as credit card and other personally-identifiable or sensitive information during those conversations. Furthermore, the corporate employees have access to a tremendous amount of valuable content such as booking information, customer lists, partner contracts, corporate plans, M&A documents, non-public financials, and more. The organization needed to discover where that content is, understand what it is, and ensure that it has proper protections around it.
About The Customer
The customer is a multinational hotel group with nearly 5,000 hotels in 100 countries around the world. The company has more than 100,000 employees and uses Google Apps extensively, with employees particularly using Google Drive, Docs, and Sheets. The company has more than a thousand cloud apps in use to achieve a host of use cases ranging from customer relationship management to marketing to supply chain and e-commerce, but the majority of cloud usage and data movement are in Google Apps. The company's customer support operations and corporate employees often interact with consumers and business guests, taking customer information such as credit card and other personally-identifiable or sensitive information during those conversations.
The Solution
The company used Netskope for Google Apps to automatically discover content within their corporate sanctioned Google Drive, which houses all of their content created in or uploaded to any Google App. They developed a handful of custom DLP profiles using the Netskope policy wizard, including “PCI,” “PII,” and “confidential,” and identified tens of thousands of content violations. After discovering sensitive content against the above profiles, the customer was able to drill down, see who the content owners were, and understand the sharing status of the content, including percentage of sensitive data that was shared outside of the company and how many people outside of the company still had access. They were also able to restrict access as well as download several documents for later review by legal. They also used Netskope to notify content owners of the actions they had taken to create process and policy transparency.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Premium Appliance Producer Innovates with Internet of Everything
Sub-Zero faced the largest product launch in the company’s history:It wanted to launch 60 new products as scheduled while simultaneously opening a new “greenfield” production facility, yet still adhering to stringent quality requirements and manage issues from new supply-chain partners. A the same time, it wanted to increase staff productivity time and collaboration while reducing travel and costs.
Case Study
Aerospace & Defense Case Study Airbus
For the development of its new wide-body aircraft, Airbus needed to ensure quality and consistency across all internal and external stakeholders. Airbus had many challenges including a very aggressive development schedule and the need to ramp up production quickly to satisfy their delivery commitments. The lack of communication extended design time and introduced errors that drove up costs.
Case Study
Remote Monitoring for Environmental Compliance
Emerson wanted to provide a connected environmental analyzer to their customers. They wanted to leverage IoT technologies to provide a software solution that was easy to use, real-time and centralized. Compliance with pollution control board guidelines and the ability to remotely calibrate and troubleshoot these devices was the primary objective. Requirements - Centralized Remote Monitoring. - IoT Based Smart Environmental Analyzers. - Remote Calibration and Troubleshooting. - User Friendly Application. - Reporting & Dashboards. - Compliance with pollution control board guidelines.
Case Study
Porsche Announces Augmented Reality at Scale, Powered by Atheer
The usual practice for car repairs at a Porsche car dealership is to have a factory representative or regional engineer visit to help diagnose the problem, and sometimes a faulty assembly is shipped back to company HQ for damage analysis. All that costs time and money for customers and dealers alike.
Case Study
ELI LILLY ADOPTS MICROMEDIA’S ALERT NOTIFICATION SYSTEM
Pharmaceutical production is subject to a strict set of enforced rules that must be adhered to and compliance to these standards is critically necessary. Due to the efforts of WIN 911’s strategic partner Micromedia, Lilly was able to adopt an alarm notification infrastructure that integrated smoothly with their existing workflows and emergency hardware and protocols. These raw energy sources enable the industrial process to function: electricity, WIN-911 Software | 4020 South Industrial Drive, Suite 120 | Austin, TX 78744 USA industrial steam, iced water, air mixtures of varying quality. Refrigeration towers, boilers and wastewater are monitored by ALERT. Eli Lilly identified 15000 potential variables, but limitations compelled them to chisel the variable list down to 300. This allowed all major alarms to be covered including pressure, discharge, quantity of waste water discharged,temperature, carbon dioxide content, oxygen & sulphur content, and the water’s pH.
Case Study
Covisint Improves Mitsubishi's Collaboration With Its Supply Chain
Mitsubishi sought to improve supplier relationships on a global basis and to offer an easy-to-use solution to interact with them. In August 2004, Mitsubishi selected Covisint’s platform to help improve sharing of information and collaborative business processes with its global suppliers. Covisint enabled Mitsubishi to provide its suppliers with immediate access to information and applications to obtain more collaborative working relationships
