"Tinkoff Credit Systems" implements DBMS monitoring system

On December 1, 2014 the Tinkoff Credit Systems bank (TKS Bank) and Jet Infosystems company announced creation of a monitoring system of databases, highly critical for business of the customer, and protection against unauthorized access to them on the basis of Imperva technologies.

Project Tasks

As clients of TKS of Bank are serviced using channels of remote banking, and the staff of customer service center of bank (more than 1 thousand people) process up to 4 thousand requests a day, such volume of transactions causes the high importance of security of financial transactions, process automation of audit and control of actions of employees with exclusive access rights to information systems. The Jet Infosystems company is elected the partner of the project.

Project Progress

According to the results of audit experts of integrator selected subject to protection – a segment of IT infrastructure of bank where the automated system of CRM, databases integrated to it and management systems entered. Functional and structural requirements to the planned monitoring system as a part of which high-performance balancers of network traffic, gateways of monitoring of requests to DBMS, servers of management Imperva and a storage system of audit are created.

Security policies for control of requests to these, unauthorized changes of access rights, accomplishment by users of exclusive commands, data access for holders of payment cards, etc. are configured. A number of the security settings considering specific requirements of bank is developed. Audit of addressing of staff of customer service center of bank data on credit limits, access control to data on deposits, fixing of data on export of data, etc. are provided.

In a system the profile of actions of users with DBMS for detection of atypical behavior is created: several dozens of groups of reference profiles according to which Imperva reveals cases of abnormal user activity are created and automatically notify on them administrators of cybersecurity (by e-mail and by means of the web console). A system helps cybersecurity specialists to create the reporting of several types quickly: on violation of security policies, audit of actions of users, SQL injections, etc. Besides, a system has possibilities of assessment of access rights of users of DBMS, identification of the accounts which are at the same time used by different employees and provides this information in the form of analytical reports on demand.

Project Results

"We received a system which, on the one hand, most fully conforms to relevant requirements of business and security of client data. And with another – has a considerable stock on scalability and it is expected quadruple increase in loading at the corresponding building of number of the gateways Imperva in a stack of the balancer of loading, − Stanislav Pavlunin, the vice president for security of Tinkoff Credit Systems Bank told. − Protection of critical data using Imperva technologies allowed us to reduce the whole complex of the information risks connected with abuse of the privileges of access, vulnerabilities of software, the attacks like SQL Injection and other".

"To us as to integrator, this project is interesting, including, and from the technology point of view. We built in the hardware and software system Imperva a monovendor linking of a CRM-application and the database. However we were faced by a task to create the solution, guaranteed effective in the conditions of polyvendor IT infrastructure, as development plans for a monitoring system include connection to it about 20 more business applications based on technologies of other producers", − Elman Beybutov, the head of protection of databases and SOC of Jet Infosystems company reported.