Oberon ensured data security of clients of "SDM-bank"

2020: Data security provision of clients

On February 18, 2020 it became known that the Oberon company and SDM-Bank completed the project on data security provision of clients and corporate information of financial institution according to the international standard Payment Card Industry Data Security Standard (PCI DSS). For achievement of necessary indicators of protection and reliability the combined project team of bank and system integrator executed upgrade and segmentation of the data network (DN).

Regulations of PCI DSS required detailed audit of all our information flows. This stage became a complex analytical task for all experts. Initially specialists planned selection about 30 segments of SPD, however based on audit their number increased to 60. For each of them individual rules of access isolation and security were appointed. Total within the project we worked and configured 3,600 intersegment interactions, comments Ilyukhin Oleg, the vice chairman of the board, the Director of DIT of "SDM-bank"

For achievement of effective objectives network infrastructure of bank required upgrade and use of additional network equipment. It was necessary for safe handling of confidential data in SPD according to the appointed rules. Works on deployment of identical hardware-software schemes were carried out on two objects — platforms of the central and remote DPC of the customer.

Control of the updated infrastructure is exercised by means of the centralized solution with the single graphical interface and a possibility of both remote, and autonomous administration. For ensuring continuous protection of data centers against internal and external threats specialists of Oberon created a subsystem of firewalls (ITU) of the last generation. It is completely compatible to adjacent network solutions, including a cybersecurity monitoring system, and supports cluster and step-by-step reservation and also transition to disaster-proof UTsOD at emergence of a non-staff situation. The installed modules of ITU in real time allow to control and analyze network traffic for identification of the attacks (IDS), their prevention (IPS) and filtering at the level of applications (Application-Control) and also antivirus protection.

The updated network is functionally separated into segments of several security levels — internal, DMZ and external systems. In case of failure of any components automatic switching to spare network equipment is executed.

In "SDM-bank" the modern data network is started. It provides compliance to requirements of PCI DSS to the level of functional reliability and fault tolerance of network infrastructure. In a project deliverable we not just made the solution limited to some framework, and created the effective tool. With its help profile experts of bank will be able to expand and improve further a complex of means of cybersecurity, notes Evgeny Yashin, the CEO of Oberon company

The information systems of "SDM-bank" are configured on unified failsafe environment with reservation in each point of interface of networks. The unrolled infrastructure is simple in use and requires the minimum housekeeping overheads. Upgrade took place according to the plan without interruption of operating activities of the customer.