Looking to comply with Information and Cyber Security Guidelines 2023?
IRDAI's new data-centric security requirements for the Indian Insurance Industry.
The What, Why, and How of ICS Guidelines 2023 Compliance for Insurance Intermediaries
Thales offers integrated solutions focusing on the 6 key security domain policies
IRDAI’s Information and Cyber Security Guidelines 2023

A data-centric security approach. Secure the data and not just the network or system it is stored in.
The ICS Guidelines 2023 mandate Regulated Entities (RE) to adopt a risk-based approach, take necessary measures to secure data management, and mitigate cyber threats against loss, misuse, or leak of sensitive customer information in any form.

Applicability
On 24 April 2023, the IRDAI issued the new Information and Cyber Security Guidelines 2023, superseding the 2017 Guidelines, to ensure the security of organizational information assets through updated security mechanisms, threat prevention, governance, and employee awareness.
Who needs to comply
ICS Guidelines 2023 by addressing 6 security domain policies.
Security Domain Policies & Thales Solution

Assign classification rating to information assets - Confidential, Restricted, Internal, Public
User authentication to uniquely identify each user/administrator. Provide for periodic review and audit of storage environments.
Encrypt or use a secured channel for transfer outside the network. Authorized resources manage and protect encryption keys.
Secure SPI at the same level as confidential information.
CipherTrust Data Discovery and Classification quickly identifies structured and unstructured sensitive data, highlighting security risks and compliance gaps on-premises and in the cloud.
Data Security Fabric quickly identifies structured and unstructured sensitive data, highlighting security risks and compliance gaps on-premises and in the cloud.
CipherTrust Transparent Encryption quickly identifies structured and unstructured sensitive data, highlighting security risks and compliance gaps on-premises and in the cloud.
CipherTrust Tokenization with dynamic data masking allows for pseudonymization of sensitive information in databases, enabling aggregate data analysis without exposing sensitive data during analysis or reports.
CipherTrust Enterprise Key Management enhances key management in cloud and enterprise environments, providing high security and centralization for encryption and third-party applications, and enabling effective data deletion through encryption key destruction.
Classify data as per the data classification policy. Classify other assets based on business needs, legal requirements & CIA concerns.
Mark every asset for identification and inventory control.
Clearly identify assets individually and collectively.
Maintain authorization mechanism details for all assets:
- Organization-owned: owner & authorization features
- Non-Organization-owned: two-factor authentication parameters
Use client certificates to authenticate hardware assets. Obtain authorizations for taking assets out of premises. Securely erase data before taking assets out for repairs/replacement.
Dispose of critical & sensitive information securely. Remove information from equipment before disposal. Use cryptographic techniques to protect data on removable media.
CipherTrust Data Discovery and Classification identifies structured and unstructured sensitive data on-premises and in the cloud. Built-in templates enable rapid identification of regulated data, highlight security risks, and help uncover compliance gaps.
CipherTrust Secrets Management protects and automates access to secrets across DevOps tools and cloud workloads including secrets, credentials, certificates, API keys, and tokens. Combining secrets management with key management is like having a fortified vault for all your valuable assets in one place for inventory control.
CipherTrust Enterprise Key Management streamlines and strengthens key management in cloud and enterprise environments, ensuring secure asset disposal and effective deletion of encrypted information using FIPS 140-2-compliant virtual or hardware appliances.
Enforce segregation of duties and "need to know" principle for user access levels
Limit privileged accounts to individuals with specific business justification. Maintain audit logging of system activities by privileged users.
Maintain evidence for granting, revoking, or changing remote access privileges in a repository
Thales OneWelcome identity and access management solutions, backed by strong authentication, granular access policies, and fine-grained authorization, ensure the right user accesses resources at the right time.
SafeNet Trusted Access (STA) is a cloud-based access management solution that integrates single sign-on, multi-factor authentication, and scenario-based policies. It provides a single-pane view of access events, an audit trail, and automated reports for secure access enforcement and authentication.
Configure systems to log activities & generate alerts for unusual activity.
CipherTrust Transparent Encryption Ransomware Protection (CTE-RWP) detects abnormal processes, alerts or blocks malicious activities like excessive data access, exfiltration, unauthorized encryption, or user impersonation.
Use cryptographic controls to secure confidential & restricted information. Encrypt static or reusable authentication information during storage and network transfer.
Develop and implement policy on the use, protection & lifetime of cryptographic keys.
CipherTrust Secrets Management is a state-of-the-art secrets management solution that protects and automates access to secrets across DevOps tools and cloud workloads, including secrets, credentials, certificates, API keys, and tokens, thus ensuring that all static or reusable authentication information is encrypted during storage and while in use.
CipherTrust Manager enables organizations to centrally manage encryption keys, provide granular access control and configure security policies.
Thales Luna Hardware Security Modules (HSMs) provide a secure environment for cryptographic processing, key generation, and encryption. They are available on-premises, in the cloud, and in hybrid environments, and are used to support root and certificate authority keys, sign application code, and create digital certificates.
Ensure the cloud provider supports KMIP for standardized key management. Prefer FIPS 140-2/3 hardware encryption keys. Devise encryption and key management procedures.
Ensure cloud application security per existing policies.
CipherTrust Enterprise Key Management streamlines and centralizes key management in cloud and enterprise environments for home-grown encryption, and supports KMIP as well as third-party applications.
CipherTrust Cloud Key Management allows organizations to separate the keys from the data stored in the cloud, preventing unauthorized data access by the Cloud Service Provider. By using Hold-Your-Own-Key (HYOK) technology, organizations retain full control and ownership of their data by controlling encryption key access.
- CipherTrust Platform Community Edition
  CipherTrust Platform Community Edition makes it easy for DevSecOps to deploy data protection controls in hybrid and multi-cloud applications.
- CipherTrust Secrets Management
  CipherTrust Secrets Management is a state-of-the-art secrets management solution, which protects and automates access to secrets across DevOps tools and cloud workloads including secrets, credentials, certificates, API keys, and tokens.
- CipherTrust Application Data Protection
  CipherTrust Application Data Protection offers developer-friendly software tools for encryption key management as well as application-level encryption of sensitive data.
- Thales Data Protection on Demand (DPoD)
  Thales Data Protection on Demand (DPoD) is a cloud-based marketplace that offers Luna HSMs and CipherTrust solutions as a service.
Need more information?
CipherTrust Data Security Platform (DSP)
Discover, protect and control sensitive data anywhere with next-generation unified data protection
Private Indian Bank Case Study
Thales Helps One of India’s Largest Private Banks Streamline Key Management Across Multiple Cloud Services
CipherTrust Platform Community Edition
The CipherTrust Platform Community Edition provides key management and encryption tools to protect PII and sensitive data immediately, with no expiration date.