MSP Bank implemented the solution for controlled secure access of employees to infrastructure

Load of IT infrastructure of the company grows in a situation with rapid growth of the employees working remotely at the corresponding rates and it becomes more difficult to control actions of users. This problem can be solved with the help of the corresponding IT solutions. For example, acted in MSP Bank this way, there implemented a control system of actions of privileged users to SKDP of NT.

During a pandemic it is more difficult to control users of IT infrastructure

Despite all restrictions of the companies and the requirement of regulators the remote access remains demanded service. Especially relevant it became during a pandemic — remote users become more and more, and configurations of IT infrastructure become complicated.

If earlier business had enough solution for 50 remote users, then now they need 5000 at once. Similarly there is wider transfer under control of a system of different infrastructures — we fix jump from 100-200 direct systems to 3000 and more — the technical director of IT Bastion Dmitry Mikheyev says.

Node of remote access — critical service if transfer access for specialists in business challenges to it: financiers, logistic, accounting. The companies apply additional resources of authorization, integrate them into a security system of the company — with the Active Directory, means of multiple-factor authorization, DLP and AV means. On the one hand, it needs to be done according to requirements of regulators — that responsible for security solved the problems of control with another. As a result, in composition there are several gateways providing access to different segments of an information system on subordination and responsibility.

Such growth as a rule does not mean that operators of a system will become more. There is more work for already available employees rather. In that case responsible for suddenly grown system means of the analysis, search and the reporting are required effectively to solve new problems. Conditionally, if there was enough minimum complete set of a system earlier — only the gateway — now it is necessary to implement the module of the analysis of anomalies and the reporting. And SKDP can unroll a control system of actions of privileged users of NT which was developed and implement IT BASTION.

As SKDPU NT works

The control system of access for privileged users of SKDPU is present at the market since 2014. SKDPU NT "IT Bastion" began to develop its new version since 2017 because customers wanted to receive more functional product smoothly from earlier implemented solutions. A system which was announced on December 7, 2018 has backward compatibility with earlier products of the company of SKDPU and SKDPU the Compact. And NT means 'new technologies'.

If to explain with simple words, SKDPU NT allows to organize remote access to critical elements of infrastructure controlled for their management, setup and control of work. A system allows to keep detailed record of the operations performed by contractors, up to video fixing, record of contents of files, the executed commands and transactions in dialog boxes.

At its use it is possible to give to contractors the chance to perform operations on infrastructure with administrative powers, without issuing to contractors of knowledge of administrative passwords, keys of access and in general excess knowledge of infrastructure devices. All operations performed by external or internal contractors through SKDPU NT can be written, analyzed in detail and if necessary to investigate in the future.

Also in the solution possibilities of the automatic analysis of actions, profilings of behavior of users are put. It allows to find anomalies in behavior and to draw attention of security officers to the most potentially dangerous situations and persons which have access to infrastructure. For each user a system creates his digital profile on the basis of its typical actions therefore deviations from standard scenarios become visible at once.

Architecturally the solution represents the gateway of protocols of remote access with a necessary integration binding: means of authorization, management, storages and data analysis. A reference platform of the solution Astra-Linux SE — OS the Russian production, strengthened regarding security. A system can be completed with add-on modules which provide scaling on power, fault tolerance, long-term storage, detecting of anomalies in actions of users.

We use our products for various in the size and purpose of projects, from minimum — access to 1 protected server, for example, to quite large when there are thousands of servers, hundreds of active users, the otkazoustochivy geodistributed implementations and so on — Dmitry Mikheyev tells. — The size of customer companies can differ too, here more likely from tasks there is a need of the similar solution. If the company involves many external contractors, then it does not mean yet that the company big. Our products are unrolled at the enterprises of a public sector, in financial institutions and on large industrial enterprises. For example, among our customers — DIT of Moscow, by the way, the biggest installation in Europe, JSC Sberbank Leasing, RN-Uvatneftegaz LLC, JSC United Shipbuilding Corporation

Experience of implementation in MSP Bank

One of the last examples of implementation of SKDPU NT — MSP Bank. IT of Bastion notes that in the banking sector there is a number of features: it is most often large infrastructure, tough separation of powers and as a result large-scale projects. As banking organizations traditionally pay much attention to questions of stability and scaling, it leads to not the simplest solutions at design and implementation.

In a case with MSP Bank implementation happened on two platforms of the customer, in two different data centers at once. For reliability augmentation and scaling on power within the project unrolled several SKDPU nodes, provided balancing of connections between them and also connected to nodes of the analysis and monitoring.

the SKDPU System allowed to organize for employees of MSP bank the protected remote access to information systems and resources as soon as possible. SKDPU meets all requirements imposed to protection and control of remote access and also has the interface, simple and intuitive for users — the head of Information Security Service of department of economic and information security of "The Russian bank of support of a small and medium entrepreneurship" Dmitry Sushkov notes.

As a system has access to actions of privileged users on critical elements of infrastructure, such as commands, transmitted data, information on the run applications, implemented it within tasks of service cybersecurity. Use search of anomalies, investigations and work with incidents both the cybersecurity, and IT specialists can.

Right now the project develops — already there took place pilot implementation, trial operation in limited scale and transfer to commercial operation. In parallel employees of the bank master a new system. First of all it concerns specialists of IT and cybersecurity who operate and accompany SKDPU NT.

As the project large-scale and rather difficult, specialists of our technical support are ready to tell, explain if something is impossible or there are conceptual questions. We held several events where we presented the solution and answered questions. Besides employees of the bank together with us worked at all stages therefore they managed to accumulate enough experience — the technical director of IT Bastion explains.