Client Description

The Eurobank Group is a financial institution, which operates in 6 European countries. The Eurobank Group has €58.0 billion in assets, with 653 customer service locations across Europe, and 13,162 employees.

Client Background

Eurobank used to adopt server-side monitoring systems to comply with regulations and prevent corporate policy violations. As the company grew, the server infrastructure became increasingly complex. The number of insider threats rapidly increased. It became difficult for Eurobank to audit corporate policies and prevent all possible violations. Furthermore, compliance demands and rules in the banking industry continued to increase due to government policy requirements.

Business Challenge

The bank decided to implement a new security monitoring system. This would allow them to bring universal coverage to server infrastructures, and monitor internal API endpoints and transactions across the entire bank ecosystem. The base requirements for the solution: a) universal coverage, b) easy to use, c) being cost effective.

Project Details

  • Client Name: Eurobank Group
  • Location: Athens, Greece
  • Industry: BankingFinancial Institution
  • Partnership Period: February 2016 - August 2016
  • Team Size: 4
  • Team Location: Plovdiv, Bulgaria
  • Services: Dedicated Development TeamMonitoring SolutionDeep AnalyticsArtificial IntelligenceDeep Learning
  • Technologies: Java
  • Project URL: https://www.eurobank.gr/en/group

Evaluation

In order to assess the ready-built monitoring solution, and, as a consequence, evaluate different choices, a pilot system was deployed. This started to monitor test servers by recording all terminal and remote user sessions. All user actions were logged, including privileged account activity.

<strong>Evaluation</strong>
<strong>Solution</strong>

Solution

After a long period of data recording, deep analytics were applied to obtain precise monitoring statistics. The depth of data recorded turned out not to be sufficient to fulfill the compliance targets set by the bank. Thus, a custom solution was needed to be implemented.

Implementation

CodeCoda's team implemented an elegant solution, by hooking into all the servers, and having a dedicated set of servers monitors each other. This, Java-based, solution not only monitors but also is aware of any form of breach attempt. By applying a unique set of signature signing algorithms, cases of attempted illegal system entries are highlighted. All communications are logged and analyzed in real-time, allowing action to be taken before any transaction is concluded, or falsified.
Our solution made it virtually impossible to intrude into the system from the in- or outside.

<strong>Implementation</strong>
<strong>Value Delivered</strong> by CodeCoda

Value Delivered by CodeCoda

With the development of server agents at all the Bank’s locations, the hooking into all communications, the monitoring of teller terminals and remote sessions and logging all user actions, the Bank could comply with the auditing specifications set out by legislation. In order to provide more optimal support of the bank’s server architecture, we still develop and implement new features according to their requests. With our solution, the bank has complied with all regulations. There is total control on server infrastructure and attempts to bypass security. A dedicated security team can now comfortably monitor all movements, using Deep Learning to alert for any internal or external breach attempts.