| Customers: Power bank Kazan; Financial services, investments and audit Product: Solar inRights (ранее Jet inView Identity Manager)На базе: Jet inView Project date: 2017/01 - 2018/05
|
On July 2, 2018 Solar Security, the company of group of PJSC Rostelecom announced completion of pilot implementing solution for management of access rights of Solar inRights in JSB Energobank. This project is a part of strategy of Bank on implementation of the concept of CARTA (Continuous Adaptive Risk and Trust Assessment) – continuous adaptive risk assessment and trust. Implementation was implemented together with AF ICL-KPO company.
The classical option of implementation of IdM means that the decision on providing access rights is made on the basis of approval of requests by owners of resources and the employee's heads. Within the concept of CARTA the decision on issue of the rights, according to a request and a role model, is accepted by a SIEM system and depends on a context of information security – timely installation of updates, availability of antivirus software on user workstation, the anomalies revealed in his behavior, and other. At such approach providing the rights happens not in one step, and every time when the user needs access to corporate information systems.
 | The commitment of Bank of this concept is caused by the fact that the traditional concepts "block bad" and "permit good" do not work when everything is potentially compromised, and we cannot distinguish the malefactor from the legal user. The compromise of credentials is a striking example of such situation. Within implementation of the concept of CARTA the decision on implementation of IdM passes into discharge strategic and, therefore, has a considerable impact on the level of a maturity of information security. Sergey Romanov, head of department of information security support of JSB Energobank
|  |
Cumulative project duration is estimated previously in 1-1.5 years. Pilot implementation of Solar inRights became its first step. From first month automation on the connected systems yielded visible result, including financial. Use of Solar inRights allowed to reduce the idle times of personnel arising because of a delay of providing access rights, to optimize costs for support of information systems which is calculated on the basis of quantity of accounts, and many other things.
| | It is not the first Solar inRights project in the bank industry, and it should be noted that the approach selected by Energobank unites possibilities of the technologies of management of access rights which are available in the market realized in Solar inRights, and the advanced approaches to risk management. Traditional technologies are used for effective opposition to threats. As a result, not only increases efficiency and transparency of processes of management of access, but the risks connected with unauthorized access to information systems significantly decrease. Dmitry Bondar, head Solar inRights of Solar Security company
| |
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |