Jet Infosystems implemented the solution Imperva in protection of databases of SKB-Bank

On May 22, 2018 announced Jet Infosystems upgrade of a system of protection of the database of SKB-Bank using the solution Imperva.

A system provides protection of client data against external and internal threats and also compliance to requirements of the PCI DSS standard to data protection of holders of payment cards. Further the bank is going to expand use of the platform for protection of web applications.

As a result of upgrade of a system the transparency of work with the database increased and the procedure of conducting investigation of the incidents connected with violation of security policies became simpler. It became possible as a result of ensuring fixing of all facts of addressing the database from the staff of SKB-Bank: administrators of base and employees of front offices of bank – agents of call center, operators and managers. Daily in the magazine of registration of events remains on several gigabyte of information which are on operational storage not less than 3 months.

"Working with the large volume of confidential information, we impose increased requirements to data protection of our clients. With this system we could not only provide the necessary security level, but also receive the convenient working tool with which it is possible to solve the current problems of a security service". Denis Uleyko, director of the department of information security of SKB-Bank

The mechanism of profiling of actions of users put in a system allows to reveal deviations from typical behavior, such as appeal to objects not inherent of an administrator role, access attempt from unknown devices and so on. At detection of anomaly a system instantly notifies on it the duty security service specialist.

The clear and user-friendly interface of a system allows security service specialists to create necessary reports independently. And use of a system in the mode of monitoring of the copy of traffic (i.e. without use of special software agents) gives them the chance to work without involvement of IT department and without loading the productive systems.

Within the implementing solution Imperva experts of Jet Infosystems company developed a flexible search mechanism according to the magazine, for example, on regular expressions or on specific mere verbiages for the set time frame. When conducting investigation this mechanism allows to set who when and what data obtained from base. Besides, for rapid response and broader investigation of incidents, the system of protection of databases is integrated with an event management system of information security (SIEM).