Security for Data Transfers:
Security for Data Transfers The Business Need
Volkswagen Germany (VWAG)
wants information on the daily cash position of
Volkswagen Credit (VCI-US)
Security for Data Transfers:
Security for Data Transfers The Problem
How do we protect non-public customer data that is being electronically transmitted from the United States to Germany
Security for Data Transfers:
Security for Data Transfers Problem Specifics
Legal
Federal laws have specific rules & guidelines on what type of information is allowed out of the country.
US Consumer & Privacy laws must be followed in all cases.
Security for Data Transfers:
Security for Data Transfers Problem Specifics
Data
For that information that can be sent:
Both parties must agree on data mappings, definitions, and data types.
The originating data source is Sybase
The receiving data source is Oracle / SAP
Security for Data Transfers:
Security for Data Transfers Problem Specifics
Transport
A secure mechanism for transport must be selected that is acceptable to both parties
Solution -> Secure FTP was chosen
Security for Data Transfers:
Security for Data Transfers Problem Specifics
Encryption
The data must be encrypted to ensure privacy, confidentiality, and integrity for:
Both the Corporation & Customer
Solution: GNU Privacy Guard
128-bit Open PGP
Security for Data Transfers:
Security for Data Transfers Solutions
Legal – Adhere to Data privacy & exportation laws
Data – Only send what the receiver needs
Transport – Compatible for receiver and sender
Encryption – Must be secure and standard