NHBC (National House-Building Council) is the leading warranty and insurance provider and standards setter in UK house-building for new and newly-converted homes. NHBC began in 1936 as the National House-Builders Registration Council (NHBRC). By 1973 it was renamed as NHBC, and in 2011 marked 75 years of raising standards in UK house-building to protect homeowners. NHBC’s business straddles the heavily regulated insurance and building sectors, and its daily activities demand a constant ﬂow of secure, confidential, copyright and personal documents and communications between internal departments and with external stakeholders, such as solicitors, lawyers, builders, architects and homeowners.
Wayne Watson, information security manager at NHBC explained: “We are audited every year by the Financial Conduct Authority (FCA), and we also mandate our own internal audits built around stringent ISO 27000 information security standards. Our challenge is to prove to regulators and ourselves that all files and data going in and out of the company are secure, managed and fully auditable.”
NHBC wanted a single, highly secure enterprise-class managed file transfer (MFT) solution that employees and external stakeholders could easily use.
NHBC needed a unified managed file transfer platform that would:
NHBC chose MOVEit, a secure managed file transfer system that combines best-in-class encryption technologies with security best practices to protect critical data. MOVEit can be deployed on-premise, in the Cloud, or in a mixed on-premise and cloud environment.
Watson said: "We ask all of our employees to make use of the MOVEit platform so that we can have full visibility of file transfers and assurance about what is being moved around the business. We're primarily concerned about financial data and confidential business information, but we try to encourage everyone to use MOVEit regardless of the type of data they need to transfer.“
Now all users move their files securely and transparently between themselves and with third parties with MOVEit. This is critical for the IT department to keep an eye on data transfers, and eliminate data leakage through inadequate tools and bad practice. "For a company like ours secure financial information, confidential customer information and private personal identification data is extremely important,” said Watson.
Because the housing and insurance industries are heavily regulated, the company has decided that the best approach is to monitor and track all movement of documents.
Since implementing MOVEit, NHBC has gained:
"We use MOVEit extensively ourselves here in the IT department, and more and more people are requesting to use it every day, which can only be a good thing," said Watson.
The risk of financial censure and loss of reputation by allowing users to continue transferring documents without security, management or traceability was unthinkable. Non-compliance with FCA regulations can incur fines of up to £250,000 at a time, and NHBC had to protect a reputable 75-year-old business trademark. NHBC needed a robust, powerful solution that was easy-to-use and would be accepted by business users and external stakeholders. IpswitchFT and its MOVEit platform fitted the bill perfectly.
Watson said: “It brings me peace of mind to know that I can see what is going in and out of the business, and can monitor everybody’s usage of MOVEit. From an IT and a business perspective, it makes absolute sense to establish best practices on a platform like MOVEit, rather than risk the company’s reputation by allowing users freedom to choose uncontrollable consumer apps, open source tools or internet-based services.”