Case Study: Banking on Proactive Information Security: Page 2

(Page 2 of 2)

The bank was an early user of firewalls and intrusion detection systems, which gives Roberts confidence in its perimeter security. More recently, Bank of Alameda has concentrated on beefing up internal security. It acquired the Retina Network Security Scanner from eEye Digital Security, which provides reports about vulnerabilities at each workstation.

This was helpful, but, Robert says, "Once I knew what the vulnerability was, I had to go to each workstation to take care of it." With branches in five locations, that was time-consuming.

So the bank searched and found the Hercules product from Citadel Security Software, which automates much of vulnerability remediation. Hercules is able to accept reports from Retina, and allow the security administrator to determine what action to take.

"We can pick and choose what to remediate," says Roberts.

For example, if a software patch is required, the administrator can direct Hercules to go to the Microsoft site for the update, download it and apply it to each affected workstation.

"That's a great time saver for us," Roberts says.

The price of Hercules also was attractive when compared to other products priced from $20,000 to $30,000 that are doing similar work. Hercules is priced at $21 per device per year; the Bank of Alameda has 50 workstations and 11 servers.

The bank schedules remediation updates for times when users are not on their workstations, so there is little impact on productivity.

"We've been actively using it for six to eight months now, and everything is working great. It's doing exactly what we want it to do," Roberts says. The regulators are also pleased with the bank's proactive stance toward information security. "It's been a useful tool for us and would also be useful for other banks our size."

Page 2 of 2

Previous Page
1 2

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.