BeyondTrust > Case Studies > Multinational Bank Integrates PBUL to Achieve Global Compliance

Multinational Bank Integrates PBUL to Achieve Global Compliance

BeyondTrust Logo
Customer Company Size
Large Corporate
Country
  • Worldwide
Product
  • PowerBroker Unix & Linux
  • BeyondInsight IT Risk Management platform
Tech Stack
  • Unix
  • Linux
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Customer Satisfaction
Technology Category
  • Cybersecurity & Privacy - Security Compliance
Applicable Industries
  • Finance & Insurance
Applicable Functions
  • Business Operation
Use Cases
  • Regulatory Compliance Monitoring
  • Cybersecurity
Services
  • System Integration
  • Software Design & Engineering Services
About The Customer
The customer is a globally recognized multinational banking and financial services company. The bank provides retail, wholesale and investment banking, as well as wealth management, mortgage lending and credit cards. Its activities include moving, lending, investing and protecting money for customers around the world. In addition to the ever-present risk of cyber threats, it must also meet banking and privacy regulations in each of the countries and regions in which it does business. As of mid-2013, there were more than 99 countries with data privacy laws and many more pending. There are broad global variations in the specific requirements to protect and store personal data, but as a global bank, this company is subject to most of these compliance requirements.
The Challenge
The bank, a globally recognized multinational banking and financial services company, was faced with the challenge of meeting broad data privacy compliance requirements from over 99 countries. As cyber attacks, security breaches and data loss become more commonplace, lawmakers and regulators are seeking to put strong data security legal frameworks in place. The bank is subject to most of these compliance requirements. An internal audit at the bank developed a series of proposed internal policies to meet all the forthcoming compliance regulations with which the bank needed to comply. These proposed policies had three objectives: enable compliance to these regulations across the world; increase protection for their servers, infrastructure, and the data they contain; and support a corporate objective to improve and sustain consumer confidence. To meet these objectives and implement the proposed internal policies, an aggressive reevaluation and investment in their IT security strategy and privilege management practices was needed.
The Solution
The bank designed an enterprise-wide global system to protect all private data, wherever it resided on their Unix and Linux servers. Policies are still established on their current system. That system controls where data resides, who can access the data and the systems containing the data, along with what tasks are allowed when access is granted. To enforce these policies the bank integrated their current system with BeyondTrust’s PowerBroker for Unix and Linux. PowerBroker controls authorization requirements for servers and delegates the specific tasks on those servers. Now there is a record of who accessed which servers and the details of the tasks performed. All access is logged, and those logs are consolidated and centralized to create reports that verify compliance. The key to this global solution is that it integrates into their current system that manages permissions, enabling them to improve rather than replace their current processes.
Operational Impact
  • PowerBroker for Unix and Linux offers the flexibility and task delegation that the bank needed, which was evident from proof of concept onward.
  • The custom connectors allowed consolidation and segregation across the different geopolitical areas, with consistent management of policies for privileged accounts.
  • During the proof of concept process it was clear that the PowerBroker GUI worked well, and that the bank would not lose the ease of use of their home-grown permissions system.
  • Taking advantage of the policy language in PBUL, they were also able to integrate PowerBroker with their change management system for requests. They now have a smooth workflow from request initiation through delivery of credentials to perform specific tasks on the servers.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.