Leading European Banking Organization chooses DetectIT for fast, flexible and comprehensive management-level reporting
View all case studies Published | January 2009
Fast, flexible, comprehensive management-level reporting was key to the choice of Safestone DetectIT for a leading European banking organisation.
One of Europe’s top 20 international banking groups, with a market capitalization of Eur43 billion, has selected Safestone DetectIT to secure its IBM System-i servers across the European and worldwide operations of its insurance arm.
DetectIT provides the bank with a single point of contact and control over multiple System-i servers and can be implemented on any new server in any country in a matter of minutes, saving significant time, resources and money. Working with the bank, Safestone developed DetectIT to provide clear, quick graphical reporting for technicians and management.
ISO17799 policy standard
The banking group provides a comprehensive range of financial and insurance services to a personal, business and institutional customer base in 50 countries around the globe. With a service offering including retail banking, financial services and niche market support, the bank combines global strength with local flexibility.
In common with all financial institutions, security and customer confidentiality are essential to the bank’s business. The organisation is required to adhere to the European information security policy standards of ISO17799. All European banks and insurance companies must be ISO17799 compliant to maintain their licence to trade.
ISO17799 guidelines set out the best practices of control objectives for information security management, including but not limited to access control, communications and information security incident management.
The business requirement
The business requirement was to gain an instant understanding of any real or potential breaches of security. As well as the bank’s technicians may know and understand their worldwide systems, it would still take days of investigation and several million euros to detect any threats or vulnerabilities. With protection of customer files and continuity of service paramount, the bank sought a comprehensive software solution that would also offer excellent reporting facilities.
Safestone helped the Bank implement the DetectIT Suite, comprising core modules: Security Audit and Detection, Network Traffic Controller, Risk and Compliance Monitor, and User Profile Manager. The Suite adds extra layers of security to the System i, protecting confidential and sensitive information.
Critical to the bank’s secure IT systems was Network Traffic Controller. Using this module, the bank can monitor, control and validate all external access to its System-i servers.
Network Traffic Controller prevents inappropriate access to critical information through exit points, monitoring, controlling and validating all external access to IBM System-i servers.
Tailored programme
Safestone worked with the bank to develop a straightforward graphical user interface that could be understood equally by technical staff and management.
Safestone’s account manager with the Bank , comments: “The key thing was to provide information clearly and quickly. If a customer or manager asks questions about the system, technical staff can show and produce on-screen reports to a very high degree of management information.”
“The DetectIT development schedule is aimed at making it even easier to get information out of System-i so that many levels of people can understand it.”
DetectIT offered several major advantages to the bank, first and foremost that the ISO17799 policy standard is written into the software. To apply this independently would take around 3-4 months’ consultancy time and commensurate fees.
Secondly, DetectIT provides system control from a single point of contact, which means that all information security management reporting can be accessed without logging on to different servers. In future, the system will be applied globally to any server for which the bank has a DetectIT licence.
Safestone’s account manager adds: “Using DetectIT, all knowledge about information security, from operations all over the world, is gathered and remains held centrally. No one can change internal policy and audits at any global location can be carried out quickly and simply via remote auditing. The cost saving implications of this unique network facility are significant.”
100% secure
External audits, used to test the security of the bank’s information systems, proved DetectIT to be the best platform with an effective 100% safety record.
