Case Study - Auditing remote access of employees at a leading financial institution


Published on

In order to prepare the bank for emergency situations, during which the bank employees would have to work as "tele-commuters", the bank has prepared a Remote-Access-Plan (RAP). As part of this ambitious plan, the remotely employees go through a Citrix gateway, which guarantees safe and secure access. Bank Leumi had to record and monitor this activity in order to comply with the banking regulations.

Bank Leumi integrated ObserveIT solutions and created an audited gateway. This way, all the remote users' activities would be recorded for future possible audit.

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Case Study - Auditing remote access of employees at a leading financial institution

  1. 1. people audit System Security and Financial Control Reports at Leumi CardCase Study Challenge Leumi Card Ltd. provides credit card and payment solutions throughout Israel. Operating as a subsidiary of Bank Leumi, Israels leading commercial bank with $85 billion in assets, LeumiCard is one of the largest credit card and payment solutions providers in the country.“ This has dramatically decreased the number LeumiCard’s infrastructure is managed in a highly-secured data center at their corporate headquarters. The system platform runs on serveral platforms, all with sensitive mission-critical applications. of user sessions on Ongoing operations and maintenance of these platforms require system access by various privileged internal users, including software production machines.Ofer Ben Artzy, ” developers, system and storage infrastructure managers and application managers. These users log in to production servers using RDP. Corporate control reports require that LeumiCard be able to documentManager of Infrastructure Systems exactly what takes place on each production server, and to be able to explain why the action was necessary.SolutionLeumiCard deployed ObserveIT on their mission-critical servers in order achieve identity management, user policy messagingand session recording. The first key to the solution involves shared-account (administrator) users being asked to providesecondary named-user credentials, with userids validated via the company’s Active Directory system. This feature ofObserveIT automatically guarantees that every single user session can be tied to a specific user.Next, the user must acknowledge that s/he is aware that s/he is logging into a production server. “We discovered that this alonehas dramatically decreased the number of user sessions on production machines,” stated Ofer Ben Artzy, LeumiCard’s Managerof Infrastructure Systems. “When you alert the users like this, they are more likely to find an alternative way to do their job viasecondary test servers, which means a reduced number of entries in my daily control reports that need to be reviewed.”Finally, ObserveIT’s user session video recording captures a video replay of each user session. This portion of the solutiondelivers the concrete evidence necessary when investigating security issues. Daily email control reports are deliveredautomatically to each manager, according to area of responsibility. Each of these managers can then replay the sessions thatrelate to their systems, if necessary. In addition, detailed control reports for any time period are issued ad-hoc according towider auditing requirements.Benefits> Automated control reports with bulletproof evidence of user activity> Decrease in unnecessary user activity on production servers> Precise accountability that ties named users to each root admin |