| Customers: West Siberian commercial bank (Zapsibkombank)
Contractors: DialogNauka Product: Imperva SecureSphere Database Activity Monitoring (SSDAM)На базе: Imperva SecureSphere Project date: 2018/12 - 2019/05
|
2019
On May 29, 2019 the DialogNauka company announced, that it completed the works on creation of the Access Control System (ACS) to the Database Management System (DMS) in PJSC Zapsibkombank using the solution Imperva DAM.
According to the company, within continuous improvement of information security representatives of Zapsibkombank addressed specialists of DialogNauka company for the complete solution of a task of creation of the Control system of access to DBMS using the product Imperva DAM (Database Activity Monitoring).
The control system of access to DBMS is intended for:
- monitoring of requests regarding the possible attacks;
- monitoring of requests regarding violation of requirements of regulators;
- monitoring of actions of users of DBMS.
The purpose of creation of a System was increase in the overall level of security and ensuring access audit to information resources of PJSC Zapsibkombank. Compliance to requirements of the current legislation of the Russian Federation was one of requirements during creation of a System.
Creation of SKD was performed in several stages:
- technical project development on system implementation;
- supply of equipment and software licenses Imperva DAM;
- implementation of SKD;
- trial operation of SKD;
- development of operational documentation.
In a project deliverable the transparency of work with DBMS increased and mechanisms of conducting investigation of incidents which are connected with violation of security policies became simpler. It became possible thanks to fixing of all cases of appeals to DBMS from employees of the bank and applications. In daily magazines of registration of events all necessary information is saved.
The mechanism of profiling of actions of users put in the solution provides identification of deviations from usual behavior. For example, the appeal to the objects not inherent of an administrator role, access attempt from unknown devices, etc. At detection of anomaly a system instantly notifies on it the employee of Information Security Service.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |