Imperva Case Studies Securing Internet Banking with IoT: A Case Study of an Asia-Pacific Bank

Edit This Case Study Record

	Securing Internet Banking with IoT: A Case Study of an Asia-Pacific Bank Imperva

Securing Internet Banking with IoT: A Case Study of an Asia-Pacific Bank

Imperva

Technology Category	Cybersecurity & Privacy - Database Security Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries	Finance & Insurance National Security & Defense
Applicable Functions	Maintenance Quality Assurance
Use Cases	Inventory Management Tamper Detection
Services	System Integration
Challenge	A leading bank in the Asia-Pacific region was faced with the challenge of meeting the Internet Banking Technology Risk Management (IBTRM) requirements. These requirements necessitated the bank to closely supervise and log database activities performed by privileged users. The bank operates over 1500 mission-critical databases, distributed across seven different nations, making it crucial to deploy a solution that can scale to monitor and audit all databases, in all locations. Centralized management was key for enforcement, efficient management, and on-going maintenance. The bank was also concerned about the impact a monitoring solution would have on database performance, hence needed to ensure a low impact solution that would not compromise the availability of its financial systems. IBTRM also required the bank to limit privileged access based on “need-to-know.” Reviewing and managing access privileges across 1500 databases mandated the bank to implement an automated solution for aggregating and analyzing access privileges. For enforcing configuration policies and patch levels the bank needed a quick, automated way to scan databases, find misconfigurations and identify missing patches. Lastly, the bank needed to ensure proper incident management and response. Read More
About Customer	The customer is a leading bank in the Asia-Pacific region. The bank operates over 1500 mission-critical databases, distributed across seven different nations. The bank is required to meet the Internet Banking Technology Risk Management (IBTRM) guidelines, which provide a risk management framework for financial institutes to identify, assess, measure, and respond to technology risks in a proactive and effective manner. The bank needed a solution that could scale to monitor and audit all databases, in all locations, with centralized management for enforcement, efficient management, and on-going maintenance. The bank also needed to ensure a low impact solution that would not compromise the availability of its financial systems. Read More
Solution	The bank standardized on SecureSphere DAM with agents deployed on all mission-critical databases. SecureSphere Operations Manager (SOM) centrally manages the distributed deployment. The bank chose Imperva SecureSphere for its ability to monitor and audit database activities, its ability to scale and meet the demands of the distributed environment, and its unified management capabilities. SecureSphere Operations Manager (SOM) meets the operational scalability demands of the bank by consolidating the management, visibility, and reporting across its distributed locations, and provides system-wide health metrics and statistics. SecureSphere enables the bank to demonstrate compliance with IBTRM through real-time event monitoring, audit analysis, and customizable reports. SecureSphere enforces access policies and prevents unauthorized access, sending real-time alerts and enabling users to create follow-on tasks, to ensure proper incident management and response. SecureSphere includes a comprehensive list of over 1000 tests and assessment for scanning platform, software, and configuration vulnerabilities. SecureSphere User Rights Management (URM) enables the bank to identify users with excessive rights to sensitive data. With URM the bank can limit a user’s access to databases and, database objects, based on “need-to know.” Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Database Security

Infrastructure as a Service (IaaS) - Cloud Databases

Applicable Industries

Finance & Insurance

National Security & Defense

Applicable Functions

Maintenance

Quality Assurance

Use Cases

Inventory Management

Tamper Detection

Services

System Integration

Challenge

A leading bank in the Asia-Pacific region was faced with the challenge of meeting the Internet Banking Technology Risk Management (IBTRM) requirements. These requirements necessitated the bank to closely supervise and log database activities performed by privileged users. The bank operates over 1500 mission-critical databases, distributed across seven different nations, making it crucial to deploy a solution that can scale to monitor and audit all databases, in all locations. Centralized management was key for enforcement, efficient management, and on-going maintenance. The bank was also concerned about the impact a monitoring solution would have on database performance, hence needed to ensure a low impact solution that would not compromise the availability of its financial systems. IBTRM also required the bank to limit privileged access based on “need-to-know.” Reviewing and managing access privileges across 1500 databases mandated the bank to implement an automated solution for aggregating and analyzing access privileges. For enforcing configuration policies and patch levels the bank needed a quick, automated way to scan databases, find misconfigurations and identify missing patches. Lastly, the bank needed to ensure proper incident management and response.

About Customer

The customer is a leading bank in the Asia-Pacific region. The bank operates over 1500 mission-critical databases, distributed across seven different nations. The bank is required to meet the Internet Banking Technology Risk Management (IBTRM) guidelines, which provide a risk management framework for financial institutes to identify, assess, measure, and respond to technology risks in a proactive and effective manner. The bank needed a solution that could scale to monitor and audit all databases, in all locations, with centralized management for enforcement, efficient management, and on-going maintenance. The bank also needed to ensure a low impact solution that would not compromise the availability of its financial systems.

Solution

The bank standardized on SecureSphere DAM with agents deployed on all mission-critical databases. SecureSphere Operations Manager (SOM) centrally manages the distributed deployment. The bank chose Imperva SecureSphere for its ability to monitor and audit database activities, its ability to scale and meet the demands of the distributed environment, and its unified management capabilities. SecureSphere Operations Manager (SOM) meets the operational scalability demands of the bank by consolidating the management, visibility, and reporting across its distributed locations, and provides system-wide health metrics and statistics. SecureSphere enables the bank to demonstrate compliance with IBTRM through real-time event monitoring, audit analysis, and customizable reports. SecureSphere enforces access policies and prevents unauthorized access, sending real-time alerts and enabling users to create follow-on tasks, to ensure proper incident management and response. SecureSphere includes a comprehensive list of over 1000 tests and assessment for scanning platform, software, and configuration vulnerabilities. SecureSphere User Rights Management (URM) enables the bank to identify users with excessive rights to sensitive data. With URM the bank can limit a user’s access to databases and, database objects, based on “need-to know.”

Impact #1	The bank effectively implemented IBTRM security controls, enabling continuous monitoring and auditing of privileged activity. The enforcement of access policies prevented unauthorized access, and the integration with global SIEM streamlined incident management. The bank was able to supervise and log all system activities of personnel with elevated system access entitlements, grant privileged access only on a “need-to-have” basis, conduct regular system and network configurations reviews, analyze security logs for suspicious traffic and intrusion attempts, and establish an incident management and response plan. The bank also improved change management controls and enforced change management processes. The comprehensive auditing, privileged user monitoring, and configuration scans enabled by SecureSphere supported the bank’s compliance efforts and provided the foundations for a robust risk management process.

Impact #1

The bank effectively implemented IBTRM security controls, enabling continuous monitoring and auditing of privileged activity. The enforcement of access policies prevented unauthorized access, and the integration with global SIEM streamlined incident management. The bank was able to supervise and log all system activities of personnel with elevated system access entitlements, grant privileged access only on a “need-to-have” basis, conduct regular system and network configurations reviews, analyze security logs for suspicious traffic and intrusion attempts, and establish an incident management and response plan. The bank also improved change management controls and enforced change management processes. The comprehensive auditing, privileged user monitoring, and configuration scans enabled by SecureSphere supported the bank’s compliance efforts and provided the foundations for a robust risk management process.

Benefit #1	Coverage for 1500 mission-critical databases
Benefit #2	Minimal performance impact
Benefit #3	Over 1000 tests and assessment for scanning platform, software, and configuration vulnerabilities

Benefit #1

Coverage for 1500 mission-critical databases

Benefit #2

Minimal performance impact

Benefit #3

Over 1000 tests and assessment for scanning platform, software, and configuration vulnerabilities

Download PDF Version

Overview

Securing Internet Banking with IoT: A Case Study of an Asia-Pacific Bank

Operational Impact

Quantitative Benefit