Jet Infosystems deploys an information security system for the QIWI Group
Moscow. The QIWI Group and Jet Infosystems launch an automated data security system for QIWI’s payment service network.
Based on IBM Security QRadar SIEM and IBM Guardium, the new system collects and analyzes data on information security incidents from a variety of sources and protects the integrity of databases. IS incidents in QIWI’s distributed infrastructure can now be identified and analyzed much faster. Also, the new system monitors all database queries and records data security incidents in the DBMS. While enhancing corporate data security in general, it also helps QIWI meet international standards such as PCI DSS and SOX.
“The system for the monitoring and control of IS incidents is a major addition to QIWI’s data security program. It provides prompt response to incidents, tracks down all activities in our infrastructure, and, with assistance from the database monitoring system, can detect unauthorized access at a very early stage,” comments Kirill Ermakov, Information security manager for QIWI.
The project covers QIWI’s head office and two data centers in Moscow. Following a review of the payment service infrastructure, Jet Infosystems designed and deployed the security system that was connected to over 1800 event sources of more than 20 types. According to statistics, the system processes about 100 Gb of events and 50 Gb of network traffic a day.
IBM Guardium agents were installed in the principal production and testing databases. The system feature a masking function, i.e. critical QIWI client data are partially hidden when information is displayed.
“The QIWI project covers an exceptionally large number of data sources. Some of them were non-standard and required us to develop special parsers, - notes Viktor Akimov, business development manager, Information Security Ceter, Jet Infosystems. – This work was done in close cooperation with IT administrators and developers; some QIWI systems were additionally optimized to fit the project.”
The IBM QRadar is an integrated console capable of analyzing information flows passing through the monitoring and control system almost in real time, generating reports and notices of incidents.
An independent penetration test by QIWI experts demonstrated that the new system was a highly efficient means of discovering information security threats and suspicious activities in the infrastructure.
New components are connected to the monitoring and control system as they are added to QIWI’s dynamic IT infrastructure.
QIWI plc. is a leading next-generation provider of payment services in Russia and the Commonwealth of Independent States (CIS). It owns an integrated network that accepts payments in kiosks, via Internet and mobile phones. The system includes over 17.3 virtual wallets and about 177,000 terminals. QIWI-mediated cash and electronic payments to merchants amount to 50 billion rubles a month from over 70 mln clients who can use cash, stored value and other electronic payment methods to order and pay for goods and services across physical or virtual environments interchangeably.