The Australian Prudential Regulation Authority's (APRA) Information Security Standard CPS 234

Comprehensive Data Protection Platform for APRA Regulation CPS 234 compliance


With CPS 234 Regulators, standard-setters and financial services institutions are coming together to boost resilience against evolving threats.

What is CPS 234?
The Australian Prudential Regulation Authority's (APRA) Information Security Standard CPS 234 commenced on the 1st of July 2019 and mandates all APRA regulated entities to build the information security controls, capabilities, and measures to be resilient against security incidents, including cyber-attacks.

The entities need to bolster their hold upon information asset identification and classification, roles and responsibilities around information security with clear Segregation of Duties, implementation and testing of information security controls, internal audits, incident management, and breach notification.

CPS 234 calls for protective measures to be in tandem with the size of the business and the threats faced. Any third party that manages the information held by an APRA regulated company also needs to comply.
CPS Overview

How Fortanix can help you meet CPS 234 compliance?

Apart from boasting a FIPS 140-2 Level 3 security policy with unmatched flexibility and scalability, the Fortanix Data Security Manager SaaS offers a broad range of security controls to help businesses meet their compliance standards.

CPS Diagram

How it helps?

benefits icon
Protect data wherever
it’s residing
Fortanix DSM SaaS with integrated HSM, key management, encryption, shared secrets, and tokenization capabilities can facilitate data security at every level of the enterprise data stack, including applications, database, file system, full disk, and network-attached storage levels.
benefits icon
Centralized key management and security policies on-premises and multi-Cloud
Complete key lifecycle management as a service for secure and consistent key management across on-premises and multi-cloud environments. Applications and databases converge upon a single source of cryptographic services, and the security team gets a single pane of glass view of the entire ecosystem.
benefits icon
Fine-grained access controls for
users and data
Only the authorized processor gets access to the required data and only for the duration for which a business case exists.
benefits icon
With Fortanix, you can substitute token for sensitive data using a REST API to achieve privacy compliance. This helps eliminate the link to sensitive data and protect against data breaches.
benefits icon
Transparent Database
Fortanix integrates with native database encryption to manage and store the cryptographic keys required to encrypt all your databases including Oracle, MS SQL Server, MongoDB, PostgreSQL, MySQL, Maria DB, IBM DB2, and more.
Start your free trial
DSM SaaS Thumb