NHBC Adopts MOVEit to Secure, Manage and Track Internal and External Document Transfers

Now all users move their files securely and transparently between themselves and with third parties with MOVEit.

The Challenge

NHBC (National House-Building Council) is the leading warranty and insurance provider and standards setter in UK house-building for new and newly-converted homes. NHBC began in 1936 as the National House-Builders Registration Council (NHBRC). By 1973 it was renamed as NHBC, and in 2011 marked 75 years of raising standards in UK house-building to protect homeowners. NHBC’s business straddles the heavily regulated insurance and building sectors, and its daily activities demand a constant flow of secure, confidential, copyright and personal documents and communications between internal departments and with external stakeholders, such as solicitors, lawyers, builders, architects and homeowners.

Wayne Watson, information security manager at NHBC explained: “We are audited every year by the Financial Conduct Authority (FCA), and we also mandate our own internal audits built around stringent ISO 27000 information security standards. Our challenge is to prove to regulators and ourselves that all files and data going in and out of the company are secure, managed and fully auditable.”

The Vision

NHBC wanted a single, highly secure enterprise-class managed file transfer (MFT) solution that employees and external stakeholders could easily use.

NHBC needed a unified managed file transfer platform that would:

• Ensure complete visibility for files moving in-and-out of the organization
• Provide total transparency for audits and compliance with internal and industry regulators
• Thoroughly and regularly report data movement activities within the company
• Replace an assortment of user-sourced file transfer applications
• Eliminate temptation to transfer documents via removable media, smart devices or email
• Prevent leaks of confidential business or personnel information by users or external stakeholders

The Solution

NHBC chose MOVEit, a secure managed file transfer system that combines best-in-class encryption technologies with security best practices to protect critical data. MOVEit can be deployed on-premise, in the Cloud, or in a mixed on-premise and cloud environment.

Watson said: "We ask all of our employees to make use of the MOVEit platform so that we can have full visibility of file transfers and assurance about what is being moved around the business. We're primarily concerned about financial data and confidential business information, but we try to encourage everyone to use MOVEit regardless of the type of data they need to transfer.“

Ensuring secure data transfer best practice with a simple and popular alternative

Now all users move their files securely and transparently between themselves and with third parties with MOVEit. This is critical for the IT department to keep an eye on data transfers, and eliminate data leakage through inadequate tools and bad practice. "For a company like ours secure financial information, confidential customer information and private personal identification data is extremely important,” said Watson.

Managing and tracking document movement to meet internal and industry compliance

Because the housing and insurance industries are heavily regulated, the company has decided that the best approach is to monitor and track all movement of documents.

Since implementing MOVEit, NHBC has gained:

• Full compliance with internal practices built around ISO 27000 security standards, and industry regulations including those set by the FCA and DPA
• Complete visibility of documents and files coming in and out of the business, coupled with monitoring and management capabilities to maintain best practices
• Removal of a proliferation of unsecured, untraceable consumer-oriented file-sharing tools, as well as bad habits such as transferring business critical data on USB keys, CDs and email
• Confidence that data relating to business practices, as well as external stakeholders including lawyers, developers and homeowners, is protected and well managed
• Fast, secure and reliable anytime/anywhere access to business-critical files based on best practice data security policies

"We use MOVEit extensively ourselves here in the IT department, and more and more people are requesting to use it every day, which can only be a good thing," said Watson.

Ipswitch MOVEit delivers best practice and peace of mind in one platform

The risk of financial censure and loss of reputation by allowing users to continue transferring documents without security, management or traceability was unthinkable. Non-compliance with FCA regulations can incur fines of up to £250,000 at a time, and NHBC had to protect a reputable 75-year-old business trademark. NHBC needed a robust, powerful solution that was easy-to-use and would be accepted by business users and external stakeholders. IpswitchFT and its MOVEit platform fitted the bill perfectly.

Watson said: “It brings me peace of mind to know that I can see what is going in and out of the business, and can monitor everybody’s usage of MOVEit. From an IT and a business perspective, it makes absolute sense to establish best practices on a platform like MOVEit, rather than risk the company’s reputation by allowing users freedom to choose uncontrollable consumer apps, open source tools or internet-based services.”