To ensure the security of financial data, any bank has to simultaneously supervise the activity of administrators and subcontractors on terminal servers. This task was particularly challenging for VakifBank. As an international corporation, they needed a way to manage an unlimited number of privileged users.
In particular, VakifBank had to manage all privileged users to control their access to terminal servers. They also needed to
constantly have a clear picture of all employees’ manipulations of sensitive data.
Moreover, the bank is required to store detailed user session recordings for a long period of time to be able to analyze them as needed or during security and compliance audits.
VakifBank has to comply with Turkish and international IT cybersecurity requirements in the banking sphere, as it works with sensitive financial and personal information.
Before contacting us, VakifBank had used other user activity monitoring solutions, but they didn’t fit the bank’s budget. They were looking for an alternative and chose Ekran System as the software with the best ratio of technical capabilities and price.
VakifBank is a government-run bank headquartered in Istanbul, Turkey. It provides core banking products and services, capital markets operations, and investment banking. VakifBank is one of the five biggest banks in Turkey and ranks second by asset size.
The bank funds domestic trade through a large network of branches. Foreign branches are located in the USA, Bahrain, Iraq, and
Qatar. VakifBank has almost 17,000 employees and more than 3,000 subcontractors.
Using Ekran System’s multiple capabilities, VakifBank enhanced its cybersecurity on terminal servers and achieved:
• Centralized and quick configuration of access permissions
• An automated and convenient way to manage user access rights and privileges
• Fast response to any security incident
• Visibility into who does what with sensitive data
• Ability to review all user activity in real time and in recordings
• Ability to store a large number of session recordings for a long time
• Ability to generate advanced reports
• Immutable evidence for incident investigations
• Needs met within the customer’s budget
• Flexible management of as many users as needed
Additionally, thanks to Ekran System’s rich functionality, the customer ensured compliance with cybersecurity standards, laws, and regulations.
HOW WE DID IT
The customer managed to overcome their cybersecurity challenges using the following Ekran System functionality:
Privileged user management. VakifBank’s security officers fully control privileged user activity on terminal servers — from user access requests till the end of each privileged session. With Ekran System functionality, the customer can automatically provide credentials and password vaults to all system users as well as grant, revoke, and control user privileges.
Continuous activity monitoring of all types of users. The bank’s security officers can simultaneously monitor subcontractors’ and administrators’ activity and see who does what with sensitive data.
Alerts on suspicious activity and incident response. VakifBank’s security team can detect every suspicious action using Ekran System’s alerts and notifications tool. After that, our product incident response capabilities help the customer respond to suspicious user actions.
Rich recording capabilities with built-in tools for reviewing sessions. Using Ekran System, our customer can record all monitored sessions with metadata and analyze them in real time or in records. VakifBank now stores its session records in a centralized database in an indexed format that is specifically optimized by Ekran System to consume less storage space.
Various customizable reporting options. With the help of Ekran System’s rich reporting options, the customer’s security team can generate reports of any type, search for any event in recorded sessions, and even export sessions in an encrypted format for security investigation needs.
Licensing by number of endpoints. VakifBank managed to stay within its budget due to Ekran System’s licensing scheme, which is based on the number of protected endpoints, not users. The organization can now supervise an unlimited number of users with Ekran System Clients installed on the bank’s terminal servers. Moreover, with floating licensing, the bank’s admins can reassign existing licenses from one terminal server to another instead of buying additional licenses.
VakifBank started using Ekran System after bank representatives were satisfied with the proof of concept version of the product. The customer has stated that Ekran System helps them comply with banking regulations. We’ve been successfully working together for two years and plan to continue our cooperation with VakifBank. Need to effectively supe