Case Study: Banking on Proactive Information Security

The Bank of Alameda in Alameda, Calif., has put in place a secure infrastructure that can be managed by a small IT staff and which leverages state-of-the-art tools in automated remediation management.
(Page 1 of 2)

Competition for consumer business in the banking industry is playing out more and more on Web-based products and services, as banks seek to differentiate by making it easier for customers to check balances, conduct transfers and pay bills online. This was especially true at the Bank of Alameda in Alameda, Calif., a mid-sized bank founded in 1998.

This higher reliance on the Web cannot come at the risk of exposing bank customers to violations of their privacy, identify theft, or other information security risks of online banking. So Bank of Alameda has put in place a secure infrastructure that can be managed by a small IT staff, one that leverages state of the art tools in automated remediation management to get the job done.

In 1998, when the big security push was the Year 2000 threat and the fear that computers would crawl to a halt at midnight on Dec. 31, 1999, federal bank regulators were looking closely to see that banks were ready.

"We thought we were OK because we had all brand-new equipment," says Michael Roberts, chief information officer for the bank. "But they said that's not enough, you had to test and then document everything."

The bank did that, putting policies and procedures in place to meet the regulatory requirements. From that experience the bank concluded that a proactive security stance was the best approach.

"We decided to stay on the forefront of what was happening in security to protect the infrastructure that we had developed," Roberts said.

Bank of Alameda has five branches that are all connected with a T-1 line. Backroom processing is outsourced to Fiserv, an information management provider for the financial services industry, with clients in 60 countries and 21,000 employees. The bank connects to Fiserv via a frame relay.

"A lot of what I do is vendor management," says Roberts, who has one other person on his IT staff.

Page 1 of 2

1 2
Next Page

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.