BeyondTrust > 实例探究 > Multinational Bank Integrates PBUL to Achieve Global Compliance

Multinational Bank Integrates PBUL to Achieve Global Compliance

BeyondTrust Logo
公司规模
Large Corporate
国家
  • Worldwide
产品
  • PowerBroker Unix & Linux
  • BeyondInsight IT Risk Management platform
技术栈
  • Unix
  • Linux
实施规模
  • Enterprise-wide Deployment
影响指标
  • Customer Satisfaction
技术
  • 网络安全和隐私 - 安全合规
适用行业
  • 金融与保险
适用功能
  • 商业运营
用例
  • 监管合规监控
  • 网络安全
服务
  • 系统集成
  • 软件设计与工程服务
关于客户
The customer is a globally recognized multinational banking and financial services company. The bank provides retail, wholesale and investment banking, as well as wealth management, mortgage lending and credit cards. Its activities include moving, lending, investing and protecting money for customers around the world. In addition to the ever-present risk of cyber threats, it must also meet banking and privacy regulations in each of the countries and regions in which it does business. As of mid-2013, there were more than 99 countries with data privacy laws and many more pending. There are broad global variations in the specific requirements to protect and store personal data, but as a global bank, this company is subject to most of these compliance requirements.
挑战
The bank, a globally recognized multinational banking and financial services company, was faced with the challenge of meeting broad data privacy compliance requirements from over 99 countries. As cyber attacks, security breaches and data loss become more commonplace, lawmakers and regulators are seeking to put strong data security legal frameworks in place. The bank is subject to most of these compliance requirements. An internal audit at the bank developed a series of proposed internal policies to meet all the forthcoming compliance regulations with which the bank needed to comply. These proposed policies had three objectives: enable compliance to these regulations across the world; increase protection for their servers, infrastructure, and the data they contain; and support a corporate objective to improve and sustain consumer confidence. To meet these objectives and implement the proposed internal policies, an aggressive reevaluation and investment in their IT security strategy and privilege management practices was needed.
解决方案
The bank designed an enterprise-wide global system to protect all private data, wherever it resided on their Unix and Linux servers. Policies are still established on their current system. That system controls where data resides, who can access the data and the systems containing the data, along with what tasks are allowed when access is granted. To enforce these policies the bank integrated their current system with BeyondTrust’s PowerBroker for Unix and Linux. PowerBroker controls authorization requirements for servers and delegates the specific tasks on those servers. Now there is a record of who accessed which servers and the details of the tasks performed. All access is logged, and those logs are consolidated and centralized to create reports that verify compliance. The key to this global solution is that it integrates into their current system that manages permissions, enabling them to improve rather than replace their current processes.
运营影响
  • PowerBroker for Unix and Linux offers the flexibility and task delegation that the bank needed, which was evident from proof of concept onward.
  • The custom connectors allowed consolidation and segregation across the different geopolitical areas, with consistent management of policies for privileged accounts.
  • During the proof of concept process it was clear that the PowerBroker GUI worked well, and that the bank would not lose the ease of use of their home-grown permissions system.
  • Taking advantage of the policy language in PBUL, they were also able to integrate PowerBroker with their change management system for requests. They now have a smooth workflow from request initiation through delivery of credentials to perform specific tasks on the servers.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。