Case Study: Corporate policy and regulatory compliance auditingServer side monitoring and compliance
The Eurobank Group is a financial institution, which operates in 6 European countries. The Eurobank Group has €58.0 billion in assets, with 653 customer service locations across Europe, and 13,162 employees.
Eurobank used to adopt server-side monitoring systems to comply with regulations and prevent corporate policy violations. As the company grew, the server infrastructure became increasingly complex. The number of insider threats rapidly increased. It became difficult for Eurobank to audit corporate policies and prevent all possible violations. Furthermore, compliance demands and rules in the banking industry continued to increase due to government policy requirements.
The bank decided to implement a new security monitoring system. This would allow them to bring universal coverage to server infrastructures, and monitor internal API endpoints and transactions across the entire bank ecosystem. The base requirements for the solution: a) universal coverage, b) easy to use, c) being cost effective.
In order to assess the ready-built monitoring solution, and, as a consequence, evaluate different choices, a pilot system was deployed. This started to monitor test servers by recording all terminal and remote user sessions. All user actions were logged, including privileged account activity.
After a long period of data recording, deep analytics were applied to obtain precise monitoring statistics. The depth of data recorded turned out not to be sufficient to fulfill the compliance targets set by the bank. Thus, a custom solution was needed to be implemented.
CodeCoda's team implemented an elegant solution, by hooking into all the servers, and having a dedicated set of servers monitors each other. This, Java-based, solution not only monitors but also is aware of any form of breach attempt. By applying a unique set of signature signing algorithms, cases of attempted illegal system entries are highlighted. All communications are logged and analyzed in real-time, allowing action to be taken before any transaction is concluded, or falsified.
Our solution made it virtually impossible to intrude into the system from the in- or outside.
Value Delivered by CodeCoda
With the development of server agents at all the Bank’s locations, the hooking into all communications, the monitoring of teller terminals and remote sessions and logging all user actions, the Bank could comply with the auditing specifications set out by legislation. In order to provide more optimal support of the bank’s server architecture, we still develop and implement new features according to their requests. With our solution, the bank has complied with all regulations. There is total control on server infrastructure and attempts to bypass security. A dedicated security team can now comfortably monitor all movements, using Deep Learning to alert for any internal or external breach attempts.