SWIFT CSP Compliance with Ekran System – Cecabank
Cecabank, S.A. is a Spanish wholesale bank, founded in 2012, that targets large corporations in Spain and
internationally. It offers a large set of services from securities to cash management to banking. Cecabank has
representative offices in the UK, Hong Kong, France, and Germany.
Like many financial organizations, Cecabank works with the SWIFT network. In particular, the bank provides
its internal employees and third-party banks with access to Alliance Access, SWIFT’s main messaging service.
In order to meet SWIFT Customer Security Program (CSP) requirements, Cecabank needs to ensure an
appropriate level of data protection. Specifically, they need to reduce the risk of SWIFT account compromise
and detect potential use of compromised SWIFT credentials.
Cecabank decided to trust Ekran System with this challenging task. Bank users access the SWIFT
environment via two Citrix servers and Citrix XenApp. Therefore, the decision was made to record all
successful logins into the SWIFT network. This way, users logged into the SWIFT network can be easily
associated with users logged into the bank system.
To do this, Cecabank employed Ekran System’s brand-new SWIFT user monitoring feature. Using an optical
character recognition (OCR) algorithm, Ekran System recognizes and logs usernames used for entering the
SWIFT environment. These logged usernames can be viewed in a log file on the Ekran System Server. In
addition, they can be forwarded to the client’s SIEM system. There, all records may be analyzed more
With the newly introduced SWIFT username monitoring feature in place, Ekran System provides a number of
● Compliance with SWIFT CSP requirements – Ekran System’s SWIFT username monitoring feature
enables comprehensive logging and monitoring of sessions and events, allowing companies to meet
SWIFT CSP security requirements with ease.
● Additional visibility inside the SWIFT environment – Ekran System provides logs with all
usernames used for entering the SWIFT network as an additional security check.
● No additional software needed – SWIFT username monitoring is already implemented in the latest
Ekran System release and requires no installation of additional software.
● Enterprise friendly – Ekran System includes enterprise-ready features such as multi-tenant
deployment, high availability, advanced archiving, SIEM and ticketing system integration, and 24/7
● Universal solution – Ekran System supports a wide range of platforms including Windows, Linux,
Citrix, and VMware.
Cecabank was satisfied with Ekran’s solution, and we anticipate that this project will be the beginning of a
Ekran customized some of their functionality to help us solve our security task. Now, monitoring and auditing
users accessing the SWIFT network through our environment is much easier.