BeyondTrust Case Studies Multinational Bank Integrates PBUL to Achieve Global Compliance
Edit This Case Study Record
BeyondTrust Logo

Multinational Bank Integrates PBUL to Achieve Global Compliance

BeyondTrust
Cybersecurity & Privacy - Security Compliance
Finance & Insurance
Business Operation
Regulatory Compliance Monitoring
Cybersecurity
System Integration
Software Design & Engineering Services
The bank, a globally recognized multinational banking and financial services company, was faced with the challenge of meeting broad data privacy compliance requirements from over 99 countries. As cyber attacks, security breaches and data loss become more commonplace, lawmakers and regulators are seeking to put strong data security legal frameworks in place. The bank is subject to most of these compliance requirements. An internal audit at the bank developed a series of proposed internal policies to meet all the forthcoming compliance regulations with which the bank needed to comply. These proposed policies had three objectives: enable compliance to these regulations across the world; increase protection for their servers, infrastructure, and the data they contain; and support a corporate objective to improve and sustain consumer confidence. To meet these objectives and implement the proposed internal policies, an aggressive reevaluation and investment in their IT security strategy and privilege management practices was needed.
Read More
The customer is a globally recognized multinational banking and financial services company. The bank provides retail, wholesale and investment banking, as well as wealth management, mortgage lending and credit cards. Its activities include moving, lending, investing and protecting money for customers around the world. In addition to the ever-present risk of cyber threats, it must also meet banking and privacy regulations in each of the countries and regions in which it does business. As of mid-2013, there were more than 99 countries with data privacy laws and many more pending. There are broad global variations in the specific requirements to protect and store personal data, but as a global bank, this company is subject to most of these compliance requirements.
Read More
The bank designed an enterprise-wide global system to protect all private data, wherever it resided on their Unix and Linux servers. Policies are still established on their current system. That system controls where data resides, who can access the data and the systems containing the data, along with what tasks are allowed when access is granted. To enforce these policies the bank integrated their current system with BeyondTrust’s PowerBroker for Unix and Linux. PowerBroker controls authorization requirements for servers and delegates the specific tasks on those servers. Now there is a record of who accessed which servers and the details of the tasks performed. All access is logged, and those logs are consolidated and centralized to create reports that verify compliance. The key to this global solution is that it integrates into their current system that manages permissions, enabling them to improve rather than replace their current processes.
Read More
PowerBroker for Unix and Linux offers the flexibility and task delegation that the bank needed, which was evident from proof of concept onward.
The custom connectors allowed consolidation and segregation across the different geopolitical areas, with consistent management of policies for privileged accounts.
During the proof of concept process it was clear that the PowerBroker GUI worked well, and that the bank would not lose the ease of use of their home-grown permissions system.
Download PDF Version
test test