financial institution uses boks to centralize access controls across 50,000 servers
TRANSCRIPT
Financial Institution Uses BoKS to Centralize Access Controls Across 50,000 Servers
Top 5 US Bank uses BoKS ServerControl to centrally control access to 50,000 servers across multiple domains and global locations.
ChallengesThis leading US bank had thousands of Solaris, AIX, and Linux Redhat servers, with hundreds of administrators requiring access. They needed to ensure protection of data and applications running on servers both to protect corporate value and reputation and to meet regulatory requirements. As well, they were looking for an automated way to administer user accounts and control the access rights and executable commands of privileged users across their heterogeneous Unix and Linux server environments. The key drivers were not only to protect sensitive customer information from the risk of insider fraud, but also to streamline security administration and automate audit and compliance reporting.
FoxT Solution and Results
After rolling out the BoKS ServerControl solution to a few thousand servers, in recent years, the bank has adopted BoKS ServerControl as a global corporate standard. Using BoKS, they have been able to centralize and automate the user account administration across their servers, enabling them to allocate fewer resources to security administration.
BoKS ServerControl transparently elevates privileges for administrative users and eliminates the sharing of functional account passwords. The ability to eliminate sharing of these functional account passwords is crucial for system security, and also enables the bank to address a big auditor concern and several areas of SOX, PCI and state-specific regulatory requirements. In addition, the bank is automatically controlling the authentication technique and authorization based on the person, the source system, the communication method, the target system, and time. Centralized management of SSH host keys, another feature of BoKS ServerControl, is also incorporated into the authorization and can be controlled down to the sub-service level as part of the access rules, further saving time and enabling more granular control over administrator actions. BoKS ServerControl also enables the bank to keystroke log sensitive sessions and grant privileged command execution to non-privileged users.
Management of the entire multi-domain environment is significantly streamlined by using BoKS Multi-Domain Services Interface. The bank leveraged BoKS MDS to tie together and create centralized management across their large scale environment, which has multiple domains and enforcement points.
CASE STUDY
Copyright © Fox Technologies. FoxT logo is a trademark of Fox Technologies, Inc. Other product and company names noted herein may be the registered trademarks and trademarks of their respective owners. All rights reserved.
About FoxT
Fox Technologies, Inc. helps
companies protect corporate
information assets with network
security and access management
software as well as striving to simplify
compliance and streamline
administration with an award-winning
access management and privileged
account control solution. Our access
management software centrally
enforces granular access entitlements
in real time across diverse server
environments. To contact Fox
Technologies you can email us at:
[email protected], or visit our website:
www.foxt.com.
www.foxt.com • [email protected] • 616 .438 .0840
BoKS ServerControl also enables automatic registration and de-registration of servers, which is very helpful for large, multi-domain environments. Using this feature, the bank can easily manage virtual and blade servers that are used sporadically or have security administrators pre-register hosts that will be on-boarded by system administrators.
To streamline audits and compliance, BoKS ServerControl automatically consolidates all of the user activity logs from across diverse server types, including the keystroke logs, making it much easier to provide evidence of controls for audits and compliance reporting.
Conclusion
Utilizing BoKS ServerControl, a top bank has been able to significantly streamline administration of user accounts, reducing the cost of administration, while satisfying auditor requirements to eliminate the sharing of powerful functional account passwords. As well, they are able to address key regulatory compliance mandates and ensure that their systems and data are safe from insider fraud.