下载PDF
CyberArk > 实例探究 > Bangladesh’s BRAC Bank selects CyberArk to defend its assets
CyberArk Logo

Bangladesh’s BRAC Bank selects CyberArk to defend its assets

技术
  • 网络安全和隐私 - 端点安全
  • 网络安全和隐私 - 身份认证管理
  • 网络安全和隐私 - 安全合规
适用行业
  • 金融与保险
适用功能
  • 商业运营
用例
  • 网络安全
服务
  • 系统集成
  • 培训
挑战
Despite its success, like all enterprises BRAC Bank Limited (BBL) must face up to the many and varied challenges of security. To do this it has taken bold steps, becoming the first (and so far only) local bank to achieve ISO 27001:2013 certification for security management and BBL was the first Bangladeshi bank to deploy a Security Operations Centre to anticipate and defend against threats. Participating in the highly regulated financial sector, the bank prides itself on being at the forefront of implementing state-of-the-art security controls, policies and procedures across all operations. However, BRAC Bank must still address the familiar malware, spoofing and other familiar threat vectors. Also, it recognises that the cybersecurity threat landscape continues to change as data governance rules are adapted over time, including the Bangladeshi Guideline on ICT Security for Banks, PCI-DSS and SWIFT, while addressing payment partners’ security requirements and other local regulations. And, again typical, the bank has to fight to justify access to IT security resources and to retain security staff in a world where these skills are highly prized.
关于客户
BRAC Bank is a private commercial bank in Bangladesh that was founded in 2001 and now employs around 7,000 staff, serving around two million retail, corporate and SME business customers in the country and abroad. Its corporate vision is to “build a just, enlightened, healthy, democratic and poverty-free Bangladesh”. Being one of the largest banks in Bangladesh, BRAC Bank is entrusted with protecting customer and corporate data. It also has multiple digital and transformational initiatives underway.
解决方案
BRAC Bank Head of Information Security B M Zahid-ul Haque and his team studied the importance of enhancing policies and practices to protect data held by privileged users as a strategic way to improve security. As they investigated the Privileged Access Management (PAM) sector, members of BRAC Bank’s security team were introduced to CyberArk by local systems integrator and consulting firm OneWorld InfoTech. During its procurement due-diligence process, an evaluation team was formed with a combination of multiple stakeholders that considered RFP responses, feature comparisons, scalability, proof-of concept findings, financial negotiations, local partnering availability and experience, and support. BRAC Bank evaluated several firms and products and canvassed internal feedback and expert opinion before settling on the CyberArk solution and OneWorld’s assistance in implementation and post-implementation support. “Finally, due to the track record of continuous innovation and a laser focus on the area, we found that CyberArk set a standard in privileged access management,” said Mr. Zahid-ul Haque. “With the deployment of PAM and CyberArk we are able to address compliance related to privileged access issues while being confident that the market-leading solution in privileged account security is protecting our keys to the IT kingdom.” BRAC Bank formed an internal team to work closely with CyberArk, gave team members initial training and decided on a phased approach to deployment. The implementation team rolled out a broad suite of software including solutions for: Privileged Access Manager, Endpoint Privilege Manager, Secrets Manager, NIX Server Protection, Discovery & Audit (DNA).
运营影响
  • Despite BRAC Bank’s phased approach, the entire deployment was still completed within six months and it has been a success, thanks to the support of senior management and the strong working relationship between CyberArk, OneWorld and the BRAC Bank internal team.
  • BRAC Bank is in a better position to defend against internal and external attacks on privileged accounts and its “crown jewels” core assets. Also, compliance has been strengthened as the bank can demonstrate to auditors that appropriate controls are in place and that credentials are being properly managed.
  • “CyberArk has enabled us to secure more, provision, control, and monitor all activities associated with privileged identities used in enterprise system applications,” says Mr. Zahid.
数量效益
  • The entire deployment was completed within six months.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.