LiftFund’s story of meeting compliance while helping small businesses
How NetLib Security’s Encryptionizer assisted a nonprofit in their mission
Compliance regulations continue to drive companies toward seeking optimal data security solutions. Meeting such standards was the goal for LiftFund, a nonprofit CDFI (Community Development Financial Institution) approaching three decades of business, with a focus on microlending to small businesses that may be unable to afford standard banking options. Since beginning its journey, the company has made more than 23,000 such loans, for a total of over $372 million. It also offers free educational services to its borrowers so that they can become self-sufficient in the future. With a varied client base, including small businesses and startups, and partnerships with financial institutions, the requirements for compliance were pressing.
Ultimately, they turned to a valued consultant, one that has worked with NetLib Security for a number of years and installed solutions for other customers. This consultant helped LiftFund to discover NetLib Security’s Encryptionizer: a unique solution to transparently encrypt stored data on Windows servers and connected devices. Those looking to secure data and achieve compliance can do so with virtually no changes to performance or program code.
What LiftFund needed was a solution that could help mitigate the risk of their customers’ data being compromised, as well as protect their own Personally Identifiable Information (PII) from malicious actors or accidents. Encrypting their databases, folders and IIS was of paramount importance to this goal, as they sought compliance with SOC 2 (Service Organization Control 2) and GLBA (Gramm-Leach-Bliley Act). Ease of deployment, cost efficiency, and securing their application data on site were further factors in their decision, as they are a nonprofit that assists other companies in need.
As Neil Weicher, Founder and CTO of NetLib Security says: “LiftFund was required to come into compliance with several third party applications that store sensitive data and Encryptionizer was the only product that was able to satisfy their requirements. Besides data stored in SQL Server databases, they also had IIS attachments (eg, PDFs) which needed to be encrypted so they could be viewed only through the authorized applications. It was a pleasure working with such an experienced and dedicated group of people on such an important mission.”
Since implementing Encryptionizer, LiftFund has already begun meeting their business needs. According to DK Thepuatrakul, Vice President of Information Technology, NetLib Security is integrated with almost all of their on-premise systems, which accounts for a number of their applications. Beyond SQL Server, this included securing several third party applications. Working together with NetLib Security to help meet their specific parameters, LiftFund has also implemented Encryptionizer to be ready for SOC 2 certification before the year is over.
“At LiftFund, we developed our own proprietary loan origination platform since 2006. We have been and are still continuously developing and adding more programs to integrate with many cloud-based software that help us work more efficiently to serve the company growth,” said DK Thepuatrakul, Vice President of Information Technology at LiftFund. “We have quite complicated systems both cloud and on-premises. To prepare LiftFund for SOC II compliance, at first I had some concerns whether we could find a software solution that could protect everything we had. NetLib Securitty met all the challenges and worked with us to ensure that all sensitive data would be protected in our environment. Now we are ready and NetLib Security has given us the confidence to meet SOC II compliance requirements.”
NetLib Security transparently encrypts data on servers, legacy systems, devices and distributed applications. Our unique encryption solutions are a cost effective, easy way to proactively and transparently protect your data. Encryptionizer is our powerful platform that encrypts stored data right out of the box. It can also secure almost any desktop and server database on the Windows platform, such as PostgreSQL, MySQL, Microsoft Access, and others, while directly assisting with compliance requirements.