Case Study: Transend Services

Security is a vital element of the business of Transend Services of Ottawa, Ontario, Canada. Transend provides outsourced financial-settlement services to financial institutions, health-care companies, and manufacturing firms. It handles the financial supply chain for companies in highly regulated businesses. It is crucial that the company be able to provide an environment that is demonstrably secure to help clients meet the demands of their businesses, including regulators. Transend not only has to settle payments between invoices and purchase orders, but also must ensure the presentation of documentation as well.

According to Brent Luckman, CEO of Transend, securing data in transit and at rest was paramount. The company needed to prove to clients that data was protected from prying eyes, even when the data was sitting securely on a disk or tape. Clients needed to be assured that the data was safe from external hackers, internal malfeasance, and other clients. Failure to do so could have dire consequences.

The solution was a multilayer security system that set several obstacles in the path of intruders. Because Transend had begun with a NAS environment, IP security techniques were deployed first, including two deep firewalls that deployed different technology; Virtual Private Networks; IDS, virtual LANs; and separate networks for development, testing, preproduction, and production.

As the company began to deploy SANs, it added LUN masking and zoning to the security profile. According to Michael Kapuscinsky, security and storage specialist at Transend, these provided a level of security that fit the perceived risks at a reasonable cost.

To protect data at rest, security appliances by NeoScale Systems were used to encrypt data as it moved to disks and tapes. Through the use of these appliances, Transend was able to use encryption while meeting the performance requirements of its applications. With the NeoScale appliances, only a few Transend and client employees were capable of accessing data on disk or tape even if the data were in some way reachable. The security appliances also provided for firewall-type isolation in the SAN environment.

Using this collection of techniques, Transend was able to assure customers that their data was secure, both at rest and in transit, and that the infrastructure was secure. Clients could outsource important financial processing while maintaining a secure environment that met their internal needs and the requirements of regulators.