Ensuring security and privacy are central to the continued success for one of the largest bank holding company in the United States. With over 13 million individuals and business customers, this full-service banking, brokerage, and investment company understands the importance of protecting customer information.
“Simply put, if our data or services are compromised in any way, it is our reputation and our business that suffers, more than the reputation of the software company that provided the security administration software,” says the Chief Information Security Offcer (CISO) at the bank. “So, when the time came to choose a controls and compliance solution for our network, we did our homework. We chose the [Core Privileged Access Manager (BoKS)] solution for its reliability and proven ability to integrate and easily manage a large, complex environment.”
Core Privileged Access Manager (BoKS) is a comprehensive identity and access management solution that controls access across the bank’s large, heterogeneous Unix and Linux servers. With Core Privileged Access Manager (BoKS), information security administrators at the bank can easily manage the identication and authentication of users, create user groups and roles, establish access control policies, ensure data privacy and integrity, and audit the entire process—all from a central security console.
The CISO explains that at the bank, there are a mixture of over 3500 Unix and Linux servers managing myriad applications, transactions, and databases. This leading innovator understood the importance of security and control in this multi-vendor environment long before privacy and other regulatory legislation mandated good information management.
“It’s impossible to manage such a complex network manually or automate only individual systems,” says the CISO. “We need a comprehensive, centralized solution, and BoKS ServerControl is the product that best meets our requirements.”
One of the primary capabilities of Core Privileged Access Manager (BoKS) that the bank has implemented is the ability to control root account access across all Unix servers. With Core Privileged Access Manager (BoKS), the systems administrators do not know the root password on a day-to-day basis. In the event of an emergency or for scheduled maintenance, the administrators can check out the password. But for daily root account use, the administrators use their SecurID tokens to gain access to the root account. Core Privileged Access Manager (BoKS) controls the management of the privileged delegation and logs each time a systems administrator becomes root.
Core Privileged Access Manager (BoKS) also provides the same functionality for access to other privileged accounts that are used to manage applications such as Oracle, Websphere, MQSeries, and DB2. This allows for control and accountability whenever a privileged account is accessed, reducing the risk of fraud and simplifying compliance.
In addition to controlled delegation of root privileges, other core capabilities of Core Privileged Access Manager (BoKS) that enable the bank to better secure their IT infrastructure include:
- Centrally managed SSH
- Automated audit logging of all key events
- Centralized administration including password quality administration
- Keystroke logging
PARTNERS IN COMPLIANCE AND CONTROL
The relationship between this financial services organization and Fortra goes back to as early as 1996, when the solution (then an RSA product) was implemented. During a merger process, the financial organizations conducted a thorough technology review looking at Fortra and products from other vendors. The bank found that versus competitive products, Core Privileged Access Manager (BoKS) had the following advantages:
- Less intrusive to the operating system than competitive products; doesn’t require kernel extensions
- Seamless integration with dynamic passwords including RSA SecurID Authentication
- Ease of use and deployment
From the evaluation, the bank determined to make Core Privileged Access Manager (BoKS) the corporate standard to be rolled out onto all Unix and Linux machines in the combined company. “[Core Privileged Access Manager (BoKS)] isn’t just about security and compliance; the solution also makes it easier to administer and manage our mixed-vendor environment. We see it as a big win when a security product actually makes life easier for our administrators as well,” said CISO.
“We’ve been extremely happy with Fortra’s responsiveness and support,” says a lead project engineer at the bank. “Upgrades to our system and their software are handled smoothly and efficiently. We work with a lot of software vendors, and Fortra consistently provides the best support.”
With Core Privileged Access Manager (BoKS), the bank is able to control access while easily enabling new business practices and use of network resources for customers, employees and partners. The ability to ensure security while supporting growth is enabling them to maximize their return on investment and increase competitive advantage.