Customer stories

Swisscom AG

Voltage-driven data encryption-as-a-service protects 10 million sensitive customer records in a complex environment

Products and services

OpenText™ Voltage™ SecureData

Solution group

OpenText™ Cybersecurity

Outcomes

10 million sensitive customer records protected
Scalability and flexibility with private cloudbased data encryption-as-a-service
End-to-end data encryption platform with data protection at-rest and in-transit
High availability through robust infrastructure
Full data analysis and phased onboarding reduced risk

Challenge

Protect 10 million sensitive customer data sets across an integrated set of 15 applications without degrading performance or modifying systems.

Details

A data-centric approach to prevent application disruption

When an internal audit revealed that some of the customer data held in the organization’s service provisioning and fulfilment systems was at risk of cyber-attacks, Swisscom senior management mandated the protection of sensitive data. With over 10 million records in a central database accessed by 15 key applications, this could be a complex undertaking, as Dr. Klaus Brand, Product Manager, Swisscom Security Products and Services, explains: “In-system data encryption would mean a deep redesign of businesscritical applications. We were worried about degrading system performance and we did not want to drastically modify our systems and processes in defining a suitable data security strategy. After evaluating different options with our trusted security partner Prewen, we decided to focus on protecting the data, rather than the network, servers, databases, and applications associated with the data. Prewen recommended Voltage SecureData as the way forward. This datacentric approach is database and application agnostic and protects the data both at-rest and in-transit, creating an end-to-end data encryption platform. Most importantly, it employs Format-Preserving Encryption (FPE) which has no impact on data structures, schemas, and applications.”

We are pleased we involved an experienced integration partner from the start. Prewen helped set up our initial environment and trained our Center of Competence members. With their support, SecureData has given us a stable, data-centric, security solution that requires virtually no operational effort on our part.

Dr. Klaus Brand
Product Manager, Swisscom Security Products and Services, Swisscom AG

A Proof-of-Concept (POC) orchestrated by Prewen demonstrated that SecureData could address all issues. Once the decision was made, Dr. Brand’s team and Prewen collaborated in a Center of Competence, thoroughly analyzing all data structures and flows, including the integration points. This gave them a full understanding of the underlying business processes to determine who needs data from which systems. This also told them when sensitive data needed to be presented in plain-text and when it could be encrypted. SecureData’s motto is ‘encrypt at source and decrypt rarely’ which fits Swisscom’s ‘need-to-know’ principle.

Because we had such a comprehensive understanding of how our data flows, SecureData slotted right into our applications, without any changes required. It was very clear that we were working with an enterprise-ready solution.

Dr. Klaus Brand
Product Manager, Swisscom Security Products and Services, Swisscom AG

Phased onboarding to reduce impact and potential risk

This was an enterprise-wide project with full executive sponsorship. Swisscom departments normally have autonomy in their IT decisions, but with this top-down approach, including central budgeting decisions, all priorities were aligned. There was close collaboration to work towards the common goal of protecting sensitive data across the enterprise. The team decided on a data encryption-asa-service approach. This meant the solution would be scalable and could be implemented by other Swisscom teams without having to put the infrastructure in place.

Swisscom decided on a private cloud-hosted SecureData encryption platform set up in two geo-redundant data centers to ensure failover capability. “We created a SecureData development, preproduction, and production environment,” says Dr. Brand. “The end-to-end data encryption was integrated into our enterprise monitoring system and we performed thorough testing, including disaster recovery scenarios. After initial encryption of all data, we decided on a phased onboarding of all 15 systems to reduce impact and potential risk.”

The full data analysis paid dividends in the implementation phase, as Dr. Brand comments: “Because we had such a comprehensive understanding of how our data flows, SecureData slotted right into our applications, without any changes required. It was very clear that we were working with an enterprise-ready solution.”

Data encryption-as-a-service with SecureData

Now that 10 million records across 15 applications are fully encrypted and protected from cyber-attack, Dr. Brand can see the future potential: “We managed the most business-critical applications first, but there are many more applications that would benefit from our data-centric security approach. Data encryption-as-a-service, relying on the SecureData infrastructure and the Center of Competence, is our blueprint for success. Our team can support other business departments in the onboarding process, benefiting from the experience we’ve gained.”

He concludes: “We are pleased we involved an experienced integration partner from the start. Prewen helped set up our initial environment and trained our Center of Competence members. With their support, SecureData has given us a stable, data-centric, security solution that requires virtually no operational effort on our part.”

About Swisscom AG

Swisscom offers mobile telecommunications, fixed network, Internet, and digital TV solutions for business and residential customers. It is also one of the largest IT services providers in Switzerland.

Aviator AIAviator AI

Analytics CloudAnalytics Cloud

Data Lakehouse & AnalyticsData Lakehouse & Analytics

BI, Visualization & ReportingBI, Visualization & Reporting

eDiscovery with AIeDiscovery with AI

OpenText™ Aviator Search

Business Network CloudBusiness Network Cloud

Supply Chain AutomationSupply Chain Automation

B2B IntegrationB2B Integration

Secure CollaborationSecure Collaboration

Supply Chain TraceabilitySupply Chain Traceability

Supply Chain InsightsSupply Chain Insights

Industry Applications and ServicesIndustry Applications and Services

OpenText™ Business Network Aviator

Content CloudContent Cloud

Document ManagementDocument Management

AI Content ManagementAI Content Management

Capture and Intelligent Document ProcessingCapture and Intelligent Document Processing

Process AutomationProcess Automation

Business IntegrationsBusiness Integrations

Information ArchivingInformation Archiving

Industry SolutionsIndustry Solutions

Information GovernanceInformation Governance

OpenText™ Content Aviator

Cybersecurity CloudCybersecurity Cloud

Application Security TestingApplication Security Testing

Data SecurityData Security

Security OperationsSecurity Operations

Identity and Access ManagementIdentity and Access Management

Digital Forensics and Incident ResponseDigital Forensics and Incident Response

OpenText™ Cybersecurity Aviator

DevOps CloudDevOps Cloud

DevOps PlatformDevOps Platform

Functional TestingFunctional Testing

PPM and Strategic Portfolio ManagementPPM and Strategic Portfolio Management

Quality ManagementQuality Management

Performance EngineeringPerformance Engineering

OpenText™ DevOps Aviator

Experience CloudExperience Cloud

Web & Mobile ExperiencesWeb & Mobile Experiences

Contact Center AnalyticsContact Center Analytics

Messaging & FaxMessaging & Fax

Customer CommunicationsCustomer Communications

Digital Asset ManagementDigital Asset Management

Customer Journey and DataCustomer Journey and Data

OpenText™ Experience Aviator

Observability and Service Management CloudObservability and Service Management Cloud

Service ManagementService Management

ObservabilityObservability

AIOpsAIOps

Automation and Vulnerability RemediationAutomation and Vulnerability Remediation

CMDB and Asset ManagementCMDB and Asset Management

OpenText™ Service Management Aviator

OpenText™ ThrustOpenText™ Thrust

OpenText™ Thrust bundleOpenText™ Thrust bundle

OpenText™ Aviator Thrust

Device and Data ProtectionDevice and Data Protection

Enterprise Data Backup and Disaster Recovery SolutionsEnterprise Data Backup and Disaster Recovery Solutions

Unified Endpoint Management ToolsUnified Endpoint Management Tools

Hybrid Work, Email, and Team Collaboration Hybrid Work, Email, and Team Collaboration

Email Archiving, E-Discovery, Data Archiving ComplianceEmail Archiving, E-Discovery, Data Archiving Compliance

Connectivity and Document ManagementConnectivity and Document Management

Information reimaginedInformation reimagined

Artificial IntelligenceArtificial Intelligence

IndustryIndustry

Enterprise ApplicationsEnterprise Applications

Your journey to successYour journey to success

Customer SupportCustomer Support

Customer Success ServicesCustomer Success Services

Consulting ServicesConsulting Services

Cloud MigrationCloud Migration

NextGen ServicesNextGen Services

Latest product releasesLatest product releases

Learning ServicesLearning Services

Managed ServicesManaged Services

Find an OpenText PartnerFind an OpenText Partner

Find a Partner SolutionFind a Partner Solution

Grow as a PartnerGrow as a Partner

Become a Partner

Resource libraryResource library

Aviator AI

Analytics Cloud

Data Lakehouse & Analytics

BI, Visualization & Reporting

eDiscovery with AI

Business Network Cloud

Supply Chain Automation

B2B Integration

Secure Collaboration

Supply Chain Traceability

Supply Chain Insights

Industry Applications and Services

Content Cloud

Document Management

AI Content Management

Capture and Intelligent Document Processing

Process Automation

Business Integrations

Information Archiving

Industry Solutions

Information Governance

Cybersecurity Cloud

Application Security Testing

Data Security

Security Operations

Identity and Access Management

Digital Forensics and Incident Response

DevOps Cloud

DevOps Platform

Functional Testing

PPM and Strategic Portfolio Management

Quality Management

Performance Engineering

Experience Cloud

Web & Mobile Experiences

Contact Center Analytics

Messaging & Fax

Customer Communications

Digital Asset Management

Customer Journey and Data

Observability and Service Management Cloud

Service Management

Observability

AIOps

Automation and Vulnerability Remediation

CMDB and Asset Management

OpenText™ Thrust

OpenText™ Thrust bundle

Device and Data Protection

Enterprise Data Backup and Disaster Recovery Solutions

Unified Endpoint Management Tools

Hybrid Work, Email, and Team Collaboration

Email Archiving, E-Discovery, Data Archiving Compliance

Connectivity and Document Management

Information reimagined

Artificial Intelligence

Industry

Enterprise Applications

Your journey to success

Customer Support

Customer Success Services

Consulting Services

Cloud Migration

NextGen Services

Latest product releases

Learning Services

Managed Services

Find an OpenText Partner

Find a Partner Solution

Grow as a Partner

Resource library

Blogs

Events

Communities

Customer stories

OpenText Navigator

Marketplace