下载PDF
Banking on Security
技术
- 网络安全和隐私 - 安全合规
- 平台即服务 (PaaS) - 应用开发平台
- 基础设施即服务 (IaaS) - 私有云
适用行业
- 金融与保险
适用功能
- 商业运营
- 质量保证
用例
- 欺诈识别
- 监管合规监控
服务
- 软件设计与工程服务
- 系统集成
- 培训
挑战
One of the most important challenges that the WaveMaker team had to overcome was the stringent security requirements of the bank’s internal IT team. As a rule, all applications in the IT department went through rigorous vulnerability and penetration tests under rigid constraints before deployment. Additionally, every application had to be certified for US compliance and regulations. Also, WaveMaker had to conform to the client’s internal infrastructure. Security restrictions prevented internet connectivity for internal systems. This posed a major challenge in releasing updates and dependencies of the WaveMaker platform.
关于客户
Our customer is a Fortune 500 company based out of USA, with over 755 branches worldwide, and is considered as a pioneer in the field of mass marketing of credit cards. Ranked 13th on the 100 largest bank holding companies list in the United States, this bank is one that invests heavily in technology and security too. The client’s main objective was to use a secure and reliable development platform to create customized apps for its in-house business processes. These apps were meant to simplify in-house processes, make them efficient and easy to use for its agents. For instance, the fraud detection workflow, an in-house application that was distributed across multiple segregated systems made it difficult for agents to work with this complex functionality. This resulted in latency when it came to the resolution of issues. Modernization of such kinds of applications was required urgently. However, security and compliance were considered the topmost priority. Workloads were categorized in different levels of security. Gold tier applications needed the highest level of security and bronze the lowest.
解决方案
The bank adopted WaveMaker Enterprise as a platform of choice to create its in-house applications. Initially, a Proof Of Concept (POC) was created by the WaveMaker team in collaboration with our IT partner on WaveMaker Online. WaveMaker professional services provided the IT team with standard training on the WaveMaker Enterprise platform. The IT department’s vetting process was elaborate and strict. Every deployment went through rigorous testing phases. Every library and every bit of code that WaveMaker Enterprise used went through rigorous security testing. This intense testing of the platform was spread across 6 months--one of the most elaborate scrutinizations that the WaveMaker platform has ever gone through. WaveMaker passed all security tests and was certified by the internal IT team as a ‘safe and secure’ platform for development. WaveMaker Enterprise was installed on an AWS private cloud environment. Since the platform did not have access to the internet, all runtime dependencies of WaveMaker were provided as a package that was installed internally on the AWS platform. WaveMaker platform needed to be updated and upgraded frequently for security patches and product updates. Related VMs ran in the AWS cloud environment in sync with WaveMaker releases. While the WaveMaker platform was in the bronze level, applications created using WaveMaker were assigned the gold level, which meant more scrutiny, more testing! All applications at the gold level went through vulnerability tests. All apps created using WaveMaker were scanned using Nessus and underwent rigorous security testing. App penetration testing and vulnerability detection including SQL injection, cross-site request forgery, and cross-site scripting was also performed. Any security issue reported by Nessus was fixed and integrated into the platform.
运营影响
数量效益
相关案例.
Case Study
Real-time In-vehicle Monitoring
The telematic solution provides this vital premium-adjusting information. The solution also helps detect and deter vehicle or trailer theft – as soon as a theft occurs, monitoring personnel can alert the appropriate authorities, providing an exact location.“With more and more insurance companies and major fleet operators interested in monitoring driver behaviour on the grounds of road safety, efficient logistics and costs, the market for this type of device and associated e-business services is growing rapidly within Italy and the rest of Europe,” says Franco.“The insurance companies are especially interested in the pay-per-use and pay-as-you-drive applications while other organisations employ the technology for road user charging.”“One million vehicles in Italy currently carry such devices and forecasts indicate that the European market will increase tenfold by 2014.However, for our technology to work effectively, we needed a highly reliable wireless data network to carry the information between the vehicles and monitoring stations.”
Case Study
Safety First with Folksam
The competitiveness of the car insurance market is driving UBI growth as a means for insurance companies to differentiate their customer propositions as well as improving operational efficiency. An insurance model - usage-based insurance ("UBI") - offers possibilities for insurers to do more efficient market segmentation and accurate risk assessment and pricing. Insurers require an IoT solution for the purpose of data collection and performance analysis
Case Study
Smooth Transition to Energy Savings
The building was equipped with four end-of-life Trane water cooled chillers, located in the basement. Johnson Controls installed four York water cooled centrifugal chillers with unit mounted variable speed drives and a total installed cooling capacity of 6,8 MW. Each chiller has a capacity of 1,6 MW (variable to 1.9MW depending upon condenser water temperatures). Johnson Controls needed to design the equipment in such way that it would fit the dimensional constraints of the existing plant area and plant access route but also the specific performance requirements of the client. Morgan Stanley required the chiller plant to match the building load profile, turn down to match the low load requirement when needed and provide an improvement in the Energy Efficiency Ratio across the entire operating range. Other requirements were a reduction in the chiller noise level to improve the working environment in the plant room and a wide operating envelope coupled with intelligent controls to allow possible variation in both flow rate and temperature. The latter was needed to leverage increased capacity from a reduced number of machines during the different installation phases and allow future enhancement to a variable primary flow system.
Case Study
Automated Pallet Labeling Solution for SPR Packaging
SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.
Case Study
Transforming insurance pricing while improving driver safety
The Internet of Things (IoT) is revolutionizing the car insurance industry on a scale not seen since the introduction of the car itself. For decades, premiums have been calculated using proxy-based risk assessment models and historical data. Today, a growing number of innovative companies such as Quebec-based Industrielle Alliance are moving to usage-based insurance (UBI) models, driven by the advancement of telematics technologies and smart tracking devices.
Case Study
MasterCard Improves Customer Experience Through Self-Service Data Prep
Derek Madison, Leader of Business Financial Support at MasterCard, oversees the validation of transactions and cash between two systems, whether they’re MasterCard owned or not. He was charged with identifying new ways to increase efficiency and improve MasterCard processes. At the outset, the 13-person team had to manually reconcile system interfaces using reports that resided on the company’s mainframe. Their first order of business each day was to print 20-30 individual, multi-page reports. Using a ruler to keep their place within each report, they would then hand-key the relevant data, line by line, into Excel for validation. “We’re talking about a task that took 40-80 hours each week,” recalls Madison, “As a growing company with rapidly expanding product offerings, we had to find a better way to prepare this data for analysis.”