Download PDF
Securing Internet Banking with IoT: A Case Study of an Asia-Pacific Bank
Technology Category
- Cybersecurity & Privacy - Database Security
- Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries
- Finance & Insurance
- National Security & Defense
Applicable Functions
- Maintenance
- Quality Assurance
Use Cases
- Inventory Management
- Tamper Detection
Services
- System Integration
The Challenge
A leading bank in the Asia-Pacific region was faced with the challenge of meeting the Internet Banking Technology Risk Management (IBTRM) requirements. These requirements necessitated the bank to closely supervise and log database activities performed by privileged users. The bank operates over 1500 mission-critical databases, distributed across seven different nations, making it crucial to deploy a solution that can scale to monitor and audit all databases, in all locations. Centralized management was key for enforcement, efficient management, and on-going maintenance. The bank was also concerned about the impact a monitoring solution would have on database performance, hence needed to ensure a low impact solution that would not compromise the availability of its financial systems. IBTRM also required the bank to limit privileged access based on “need-to-know.” Reviewing and managing access privileges across 1500 databases mandated the bank to implement an automated solution for aggregating and analyzing access privileges. For enforcing configuration policies and patch levels the bank needed a quick, automated way to scan databases, find misconfigurations and identify missing patches. Lastly, the bank needed to ensure proper incident management and response.
About The Customer
The customer is a leading bank in the Asia-Pacific region. The bank operates over 1500 mission-critical databases, distributed across seven different nations. The bank is required to meet the Internet Banking Technology Risk Management (IBTRM) guidelines, which provide a risk management framework for financial institutes to identify, assess, measure, and respond to technology risks in a proactive and effective manner. The bank needed a solution that could scale to monitor and audit all databases, in all locations, with centralized management for enforcement, efficient management, and on-going maintenance. The bank also needed to ensure a low impact solution that would not compromise the availability of its financial systems.
The Solution
The bank standardized on SecureSphere DAM with agents deployed on all mission-critical databases. SecureSphere Operations Manager (SOM) centrally manages the distributed deployment. The bank chose Imperva SecureSphere for its ability to monitor and audit database activities, its ability to scale and meet the demands of the distributed environment, and its unified management capabilities. SecureSphere Operations Manager (SOM) meets the operational scalability demands of the bank by consolidating the management, visibility, and reporting across its distributed locations, and provides system-wide health metrics and statistics. SecureSphere enables the bank to demonstrate compliance with IBTRM through real-time event monitoring, audit analysis, and customizable reports. SecureSphere enforces access policies and prevents unauthorized access, sending real-time alerts and enabling users to create follow-on tasks, to ensure proper incident management and response. SecureSphere includes a comprehensive list of over 1000 tests and assessment for scanning platform, software, and configuration vulnerabilities. SecureSphere User Rights Management (URM) enables the bank to identify users with excessive rights to sensitive data. With URM the bank can limit a user’s access to databases and, database objects, based on “need-to know.”
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Real-time In-vehicle Monitoring
The telematic solution provides this vital premium-adjusting information. The solution also helps detect and deter vehicle or trailer theft – as soon as a theft occurs, monitoring personnel can alert the appropriate authorities, providing an exact location.“With more and more insurance companies and major fleet operators interested in monitoring driver behaviour on the grounds of road safety, efficient logistics and costs, the market for this type of device and associated e-business services is growing rapidly within Italy and the rest of Europe,” says Franco.“The insurance companies are especially interested in the pay-per-use and pay-as-you-drive applications while other organisations employ the technology for road user charging.”“One million vehicles in Italy currently carry such devices and forecasts indicate that the European market will increase tenfold by 2014.However, for our technology to work effectively, we needed a highly reliable wireless data network to carry the information between the vehicles and monitoring stations.”
Case Study
Safety First with Folksam
The competitiveness of the car insurance market is driving UBI growth as a means for insurance companies to differentiate their customer propositions as well as improving operational efficiency. An insurance model - usage-based insurance ("UBI") - offers possibilities for insurers to do more efficient market segmentation and accurate risk assessment and pricing. Insurers require an IoT solution for the purpose of data collection and performance analysis
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.
Case Study
Smooth Transition to Energy Savings
The building was equipped with four end-of-life Trane water cooled chillers, located in the basement. Johnson Controls installed four York water cooled centrifugal chillers with unit mounted variable speed drives and a total installed cooling capacity of 6,8 MW. Each chiller has a capacity of 1,6 MW (variable to 1.9MW depending upon condenser water temperatures). Johnson Controls needed to design the equipment in such way that it would fit the dimensional constraints of the existing plant area and plant access route but also the specific performance requirements of the client. Morgan Stanley required the chiller plant to match the building load profile, turn down to match the low load requirement when needed and provide an improvement in the Energy Efficiency Ratio across the entire operating range. Other requirements were a reduction in the chiller noise level to improve the working environment in the plant room and a wide operating envelope coupled with intelligent controls to allow possible variation in both flow rate and temperature. The latter was needed to leverage increased capacity from a reduced number of machines during the different installation phases and allow future enhancement to a variable primary flow system.
Case Study
Automated Pallet Labeling Solution for SPR Packaging
SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.
Case Study
Transforming insurance pricing while improving driver safety
The Internet of Things (IoT) is revolutionizing the car insurance industry on a scale not seen since the introduction of the car itself. For decades, premiums have been calculated using proxy-based risk assessment models and historical data. Today, a growing number of innovative companies such as Quebec-based Industrielle Alliance are moving to usage-based insurance (UBI) models, driven by the advancement of telematics technologies and smart tracking devices.