Follett Higher Education Group Selects Thales HSMs

Thales announces that Follett Higher Education Group has selected its encryption and key management solutions. As a result Follett has eliminated time-consuming manual processes for managing encryption keys a key requirement for compliance under the Payment Card Industry Data Security Standard (PCI DSS).

Follett Higher Education Group sells more than 23 million textbooks annually in stores and online, and operates more than 700 campus bookstores for colleges and universities across the United States. For every transaction the company protects its customers' personal data from breaches, complying with PCI DSS. Prior to selecting the Thales solution Follett security administrators manually replaced or rotated old encryption keys by hand in order to fulfill one of the PCI DSS requirements.

By installing Thales hardware security modules (HSMs) from the nCipher product line, Follett has substituted time consuming and unreliable manual processes with an automated key management, storage and generation process. Thales HSMs are deployed on a server and safely distribute encryption keys to Follett's e-commerce and point of sale systems. As a result Follett can rotate encryption keys in a fraction of the time compared with the manual process. Thales HSMs also store the encryption keys in hardware, a best practice for protecting encryption keys.

After evaluating a number of competitive solutions on the market, Follett selected Thales HSMs based on the solution's flexibility and ease-of-use. Follett also capitalized on Thales's professional services team, which reviewed the company's security procedures, policies, and systems. The team then developed an implementation plan that fully supported Follett's needs and continued PCI DSS compliance.

write your comments about the article :: 2009 Computing News :: home page