SECURITY AND PRIVACY
IBA Security is the center of competence of IBA Group, geographically distributed and consolidating cybersecurity expertise.We have launched more than 100 security systems for Financial and Insurance, Transport and Logistics, Energy and Utilities, Telecommunication companies, and Data Centers.
THE BANK ENSURES COMPLIANCE WITH PCI – DSS
The Bank detects the network attacks automatically, the staff’s actions in enterprise applications and also privileged users’ actions in Active Directory. The system notifies security officers about the incident, and makes analytical reports.
The Bank has ensured compliance with PCI-DSS standards, which directly affects the Bank’s business processes and their functioning.
THE BANK REDUCES ADMINISTRATION COSTS
Bank employees manually performed 500-600 administration operations per month. Now operations are performed automatically after the implementation of the user access control system. IT Department have got a tool to audit the authority of employees, change the level of access and delete user accounts of released employees.
SOLUTIONS & PRODUCTS
- Privileged Identity
THE EFFECTS OF THE INTRODUCTION OF SYMANTEC DATA LOSS PREVENTION
– Categorize corporate information
– Assess the current state and level of protection of confidential information
– Develop plan of the Information Security System.
Long term effect:
– Improve knowledge and enhance employees’ responsibility
– Reduce the number and complexity of incidents
– Improve the sustainability of business processes
SOLUTIONS & PRODUCTS
- Database Firewall (Monitoring)
THE BANK IMPLEMENTED AN AUTOMATED VULNERABILITY SEARCH
We analyzed customer’s requirements and assets and implemented a scanning system for the Bank allocated structure and web resources. Vulnerability scanning software sends automatic notifications with the scan results to Information Security Department. The Bank management receives assets or groups of assets reports, vulnerabilities reports, etc.
Vulnerability scanning software is integrated with the existing Information Security System.
SOLUTIONS & PRODUCTS
- Web Application Firewall
- Email Security
- Vulnerability Management
- SOA/API Security
THE IT COMPANY REDUCED COSTS ON AUDITION OF ITS CUSTOMERS’ SECURITY SYSTEMS
Together with the client team we have developed JAVA applications to collect information during verification process. 20 TSCM policies for operating and application systems including network devices have been set up.
– Operating systems: AIX, Linux, Solaris, Windows, etc.
– Applications: Lotus Domino, Exchange, MQ Series, SAP, DB2, etc.
– Network devices: Cisco IOS, Cisco CATOS, Cisco PIX, Nokia IPSO, etc.
SOLUTIONS & PRODUCTS
- Web/URL Filtering
- Cloud Security
- Mainframe Security
IBA Security is a team of 40 information security engineers who develop custom hardware and software solutions and work with cloud systems. IBA Security Department works together with 2000 engineers of IBA Group Development Departments.
IBA Security Products and Solutions complies with international security standards: ISO 27001, ISO 20000-1, EN ISO 9001, GDPR, PSD2, PCI-DSS.
- We carry out an audit of the current information security state in a company
- We take stocks of primary and secondary assets
- We build a directory of threats specific to the company and its industry
- We scan company assets for vulnerabilities
- We build a model of information security risks.
Check for compliance with the requirements
- We develop tasks on security
- We prepare information system for the certification in accordance with order No.64 of Belorussian Operative Analytical Centre
- We prepare company for ISO 27001 certification
- We carry out an audit of processes to comply with the GDPR.
- We scan corporate systems for vulnerabilities
- We prepare a detailed report about the vulnerabilities. Vulnerabilities are ranked in order of importance
- We prepare the remediation-plan remotely. After a day or a week you can get the scan result.
THE IT COMPANY HAS REDUCED COSTS TO AUDIT THE SECURITY OF ITS CUSTOMERS' SYSTEMS
We analyzed customer requirements, developed and tested 20 TSCM policies and java applications to collect information.
We would also like to note the high level of professionalism of IBA Group specialists in terms of technical competence in the field of modern business intelligence and information management platforms
HOW WE DO IT
Our specialist make a preliminary survey of your systems free of charge. Our strategy is to be partners and have a trusting relationship with colleagues.
We already have showcases where we can demonstrate our solutions. To assess the feasibility of implementation, we are ready to make a micro-project and quickly deploy a pilot system in your infrastructure and with your data.
Our consultants and business analysts will help you to study your business processes from the point of view of information security management, as well as the elimination of conflicts of interest. We will prepare technical requirements and recommendations.
We undertake work on choosing most suited for you licensing products terms. We are official partners of information security vendors. We understand all possibilities, have an experience of negotiations with vendors and reliable information about discounts and promotions.
Our experts are constantly working on the territory of customers, so we know your business processes and what kind of support we need from you. We are ready to educate your staff and launch the system.
If the standard configuration of the products is not enough for you, we develop integration modules within the project, make a personalized reporting system, automate according to your business processes, adapt the interface to your standards.
We offer a flexible support model that depends on your real needs, expected system load and our vendor equipment reliability statistics. We are ready to work on the model of full support (24×7 mode) or on the model of “accident insurance” (one-time appeals).
We are ready to provide consultants and business architects to work on your site to audit the corporate information security system. We provide services of reengineering, analysis for compliance with standards and regulations.