Keeping customer and company data secure is an unspelt commandment when it comes to banking and HDFC Bank has tried to follow it religiously by deploying Infosource, a Seclore security offering. Known for being forward looking and an enthusiastic adopter of technology, let us get behind the scenes to understand what made HDFC Bank choose Infosource.
About HDFC Bank
The Housing Development Finance Corporation Limited (HDFC) was amongst the first to receive an “in principle” approval from the Reserve Bank of India (RBI) to set up a bank in the private sector, as part of RBI”s liberalisation of the Indian Banking Industry in 1994. The bank was incorporated in August 1994 in the name of “HDFC Bank Limited”, with its registered office in Mumbai, India. HDFC Bank commenced operations as a Scheduled Commercial Bank in January 1995.
One of the challenges that HDFC was facing revolved around sending customer data to their business partners for processing, which is later distributed to their customers. They were caught at various points, for instance, how to ensure that it is only the application that is processing at the business provider’s end and how to ensure that the data is not tampered with, extending access to both view and use. In HDFC’s case, there were some unique challenges like the size of the operation. The bank has many outsourcing partners and to figure out what information is going to which outsourcing partner and whether it is information that needs to be protected at all was a challenge.
It was a fairly small integration activity and as Infosource wasn’t a core banking application no major change had to be made in the infrastructure. From a vendor application perspective, it can be seen as a medium-level change. HDFC was in constant touch with Seclore’s third party business partners, who were working with Seclore, to get the integration in place. The change happened smoothly and successfully. Infosource served HDFC purpose of compatibility and security.
HDFC’s requirement was that their data should not be seen by anyone and could be opened by the application only. With Infosource, as soon as the application process starts it uses various keys to open the information and processes it and then the future use of the data is determined. Infosource is a specialist information security system for outsourcing operations. The way it works is that whenever enterprises are outsourcing and in that process sharing confidential information or customer data with their outsourcing partners, it helps in ensuring that the data is under the control of the enterprise and follows the enterprise’s information security policy and not the vendor’s. The data, which is sent across is encrypted and configured for a specific kind of usage, which could mean restricting the computers or the physical infrastructure on which the information can be used, restricting the number of times that it can be used, the manner of usage of the information etc.
One of the major benefits accrued from this deployment is the comfort of knowing that the information is safe from end-to-end. In today’s world, where the boundaries of the organisation’s functionality are disappearing, we are dependent on different business providers to process our customer information. Given that requirement, we still want to control how that information is used and processed by the service providers. Infosource has allowed HDFC to do that.
Customers’ confidential information, which would have otherwise left the organisation without any controls, is now getting protected with rights and policies defined by the bank itself and not the vendor.