Fortra Case Studies Enhancing Security and Compliance in Banking: A Case Study of Merchant Bank of Sri Lanka & Finance

Edit This Case Study Record

	Enhancing Security and Compliance in Banking: A Case Study of Merchant Bank of Sri Lanka & Finance Fortra

Enhancing Security and Compliance in Banking: A Case Study of Merchant Bank of Sri Lanka & Finance

Fortra

Technology Category	Cybersecurity & Privacy - Malware Protection Cybersecurity & Privacy - Security Compliance
Applicable Industries	Finance & Insurance National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Leasing Finance Automation Tamper Detection
Services	Cybersecurity Services System Integration
Challenge	Merchant Bank of Sri Lanka & Finance PLC (MBSL) is a leading financial service provider in Sri Lanka, with over 40 branches across the country. The bank's core banking system is the IBM i, a powerful operating system known for its robust security mechanisms. However, the bank faced challenges in ensuring maximum security and compliance, particularly in mitigating the risk of internal security breaches caused by powerful users or administrators. The bank also needed to comply with the Baseline Security Standard and Regulatory Framework on Technology Risk Management and Resilience for Licensed Finance Companies issued by the Central Bank Sri Lanka (CBSL). Furthermore, MBSL needed greater control and visibility into user activities, such as accessing, downloading, and uploading data. The bank also faced challenges in managing access to sensitive data, reducing the time spent on password resets, and generating audit reports efficiently. Read More
About Customer	Merchant Bank of Sri Lanka & Finance PLC (MBSL) is a leading financial service provider in Sri Lanka. The bank is listed on the Colombo Stock Exchange and is licensed by the Central Bank of Sri Lanka. As one of the most stable finance companies in the country, MBSL has more than 40 branches across the island and serves customers with diverse financial needs. The bank's core banking system is the IBM i, a powerful operating system known for its robust security mechanisms. Ensuring maximum security and compliance is a top priority for MBSL, given its large customer base and the sensitive nature of the financial data it handles. Read More
Solution	To address these challenges, MBSL implemented multiple Powertech software solutions over a period of 5 years. The bank started with the highest priority items and worked in stages to achieve compliance with CBSL’s requirements. MBSL invested in Powertech Antivirus to meet CBSL regulation and ISO 27001 requirements and to protect its production servers from viruses. The bank also implemented Powertech Exit Point Manager for IBM i to control access to IBM i and monitor user activities. To manage access to sensitive data, MBSL used Powertech Authority Broker for IBM i, which provides the necessary access to users and records every screen, creating an audit trail. The bank also implemented Powertech Database Monitor for IBM i to monitor who is reading data and making changes to transactions. To reduce the time spent on password resets, MBSL implemented Powertech Password Self Help for IBM i. Finally, to generate audit reports efficiently, the bank implemented Powertech Compliance Monitor for IBM i. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Malware Protection

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Finance & Insurance

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Leasing Finance Automation

Tamper Detection

Services

Cybersecurity Services

System Integration

Challenge

Merchant Bank of Sri Lanka & Finance PLC (MBSL) is a leading financial service provider in Sri Lanka, with over 40 branches across the country. The bank's core banking system is the IBM i, a powerful operating system known for its robust security mechanisms. However, the bank faced challenges in ensuring maximum security and compliance, particularly in mitigating the risk of internal security breaches caused by powerful users or administrators. The bank also needed to comply with the Baseline Security Standard and Regulatory Framework on Technology Risk Management and Resilience for Licensed Finance Companies issued by the Central Bank Sri Lanka (CBSL). Furthermore, MBSL needed greater control and visibility into user activities, such as accessing, downloading, and uploading data. The bank also faced challenges in managing access to sensitive data, reducing the time spent on password resets, and generating audit reports efficiently.

About Customer

Merchant Bank of Sri Lanka & Finance PLC (MBSL) is a leading financial service provider in Sri Lanka. The bank is listed on the Colombo Stock Exchange and is licensed by the Central Bank of Sri Lanka. As one of the most stable finance companies in the country, MBSL has more than 40 branches across the island and serves customers with diverse financial needs. The bank's core banking system is the IBM i, a powerful operating system known for its robust security mechanisms. Ensuring maximum security and compliance is a top priority for MBSL, given its large customer base and the sensitive nature of the financial data it handles.

Solution

To address these challenges, MBSL implemented multiple Powertech software solutions over a period of 5 years. The bank started with the highest priority items and worked in stages to achieve compliance with CBSL’s requirements. MBSL invested in Powertech Antivirus to meet CBSL regulation and ISO 27001 requirements and to protect its production servers from viruses. The bank also implemented Powertech Exit Point Manager for IBM i to control access to IBM i and monitor user activities. To manage access to sensitive data, MBSL used Powertech Authority Broker for IBM i, which provides the necessary access to users and records every screen, creating an audit trail. The bank also implemented Powertech Database Monitor for IBM i to monitor who is reading data and making changes to transactions. To reduce the time spent on password resets, MBSL implemented Powertech Password Self Help for IBM i. Finally, to generate audit reports efficiently, the bank implemented Powertech Compliance Monitor for IBM i.

Impact #1	The implementation of Powertech solutions has significantly improved MBSL's security and compliance. The multi-layered approach to cybersecurity has ensured that no security gaps are left exposed, providing peace of mind to the bank. The bank now has greater control and visibility into user activities, which has enhanced its ability to prevent unauthorized access and data breaches. The implementation of Powertech Authority Broker for IBM i has helped strike the right balance between security and efficiency, ensuring that users have the necessary access without compromising security. The use of Powertech Database Monitor for IBM i has improved the bank's ability to monitor data access and changes to transactions in real time. Finally, the implementation of Powertech Password Self Help for IBM i has improved the user experience by reducing the time spent on password resets.

Impact #1

The implementation of Powertech solutions has significantly improved MBSL's security and compliance. The multi-layered approach to cybersecurity has ensured that no security gaps are left exposed, providing peace of mind to the bank. The bank now has greater control and visibility into user activities, which has enhanced its ability to prevent unauthorized access and data breaches. The implementation of Powertech Authority Broker for IBM i has helped strike the right balance between security and efficiency, ensuring that users have the necessary access without compromising security. The use of Powertech Database Monitor for IBM i has improved the bank's ability to monitor data access and changes to transactions in real time. Finally, the implementation of Powertech Password Self Help for IBM i has improved the user experience by reducing the time spent on password resets.

Benefit #1	Reduced time spent on generating audit reports from 3-4 days to just a few clicks
Benefit #2	Cut password reset time in half, freeing up IT team's time for more meaningful tasks
Benefit #3	Provided real-time monitoring of data access and changes to transactions

Benefit #1

Reduced time spent on generating audit reports from 3-4 days to just a few clicks

Benefit #2

Cut password reset time in half, freeing up IT team's time for more meaningful tasks

Benefit #3

Provided real-time monitoring of data access and changes to transactions

Download PDF Version

Overview

Enhancing Security and Compliance in Banking: A Case Study of Merchant Bank of Sri Lanka & Finance

Operational Impact

Quantitative Benefit