Jet Infosystems deploys a security information and event management system at Ural FD Bank
Moscow. Ural FD Bank and Jet Infosystems have established a security information and event management system based on HP ArcSight. The bank has acquired a reliable and convenient instrument that can promptly identify and investigate information security breaches. The incident response and investigation time has dropped by 80%. The bank's management can now appreciate the benefits of IS projects that are obviously worth the investment.
Ural FD is a major financial institution in the Perm region of Russia, particularly as a bank card issuer and processor. Its business strategy incorporates compliance with modern information security standards. Introducing a platform for centralized automatic collection, storage and analysis of IS events at the bank was a planned step aimed at solid data protection.
The contract was awarded to Jet Infosystems, an industry leader whose portfolio includes several dozen IS projects. Jet's engineers reviewed the IT infrastructure at the bank and ranked event sources according to their relevance to information security.
HP ArcSight was set up to receive audit logs from telecom equipment to identify unauthorized entry into the corporate network. Events were also reported from firewalls and the Cisco Secure Access Control Server. Accordingly, filters were set up to identify IS policy violations involving external networks. Log collection at the server OS level was also set up to monitor privileged users. Whenever a filter detects an information security incident, an email notification is automatically sent to the administrator.
The new system features about a dozen filters that monitor the most relevant information security attacks involving botnets, attempts at unauthorized access to server OS, program launch, changing network configurations and so on.
“The events processed by the system are represented in five reports and as many graphic panels with different levels of visualization. IS analytical work has therefore become dramatically faster. In particular, it takes just a few minutes to generate an analytical report as opposed to 5 to 7 days needed in the times of manual log collection and analysis,” - says Elman Beybutov, head of database protection and SOC at Jet Infosystems.
“Ural FD has been successfully operating in the Perm region for over 20 years. While offering convenient and attractive banking products, the bank is also keen on robust risk management. The introduction of the new HP ArcSight system is a good example of our continuous care for security and customer satisfaction,” – notes Aleksandr Roppert, information security manager at Ural FD Bank.
Technical support to the system is provided on a 24x7 basis by Jet Infosystems.
Currently the system incorporates 60 IS event sources at the bank’s headquarters. In the future it may be scaled up to cover the entire infrastructure of the bank including the branch network.
Ural FD is the largest independent full-service bank in the Perm region that serves over 150,000 retail account including more than 130,000 Visa cards. According to RBK.Rating agency, its performance indicators ranging from net assets to credit portfolio and liabilities show that URAL-FD, a healthy mid-size Russian bank, ranks first in the Perm region in terms of absolute figures.
For more information see http://www.uralfd.ru/