Solutions For Financial Institutions
Security Challenges
The challenges facing financial institutions are enormous. The demands placed on IT managers, and GLBA Security Officers are daunting. The issues are so complex that some institutions have even taken a "wait and see" approach to compliance. Unfortunately, this approach is simply not practical. Compliance is not only the law, it's good business. Whether your goal is to meet national, state, or regional regulations or just to sleep better at night, we can help.
The TriGeo Security Information Manager greatly simplifies network management and monitoring. The sense of control is immediate and liberating. Once your network security has been centralized, youll find that your regulatory auditing, reporting and certification procedures will be dramatically easier.
TriGeo streamlines and strengthens your existing network security in six distinct areas:
1. In-House, real time, consolidated monitoring console
Problem
A hacker or virus attacks your system. Without immediate visibility, the network administrator won't discover the intrusion until he looks at the many logs of data from each of the security tools. This delayed response could result in stolen data, loss of data, loss of productivity, loss of reputation, and potentially, liability for your financial institution.
Solution
TriGeo provides your network administrator with a management console, which allows real time in-house monitoring of your entire network. TriGeo aggregates log data from your disparate security tools, and consolidates this raw data into useful network event information. From a central console, your network administrator can monitor all security issues. This gives your network administrator ample time to detect and respond to an alert or attack.
2. Auditing and Reporting
Problem
Your existing security tools generate thousands, even tens of thousands, of log entries. Not only are these difficult to review, but reporting and analysis is a time-consuming, error-prone process. The result is that independent audits are overly complex, and often highlight the organizations inability to identify and respond to security events.
Solution
TriGeo's consolidated logs make it easy to get the big picture, and more importantly, to demonstrate to independent auditors that you know precisely what's happening in your network. Of course, the time savings and greater accuracy, combined with your ability to rapidly identify and respond to events, will contribute to your own peace of mind.
3. Response
Problem
Your operation's response to a system attack is mostly manual. Attacks move at internet speeds, yet a manual response to an attack is far too slow, allowing the perpetrator access to your network for far too long. This situation opens your financial institution to more risk.
Solution
TriGeo provides a real-time, automated, attack response. If an attack occurs, a predefined response policy would be implemented in a fraction of a second. For instance, if a PC were to become infected with the Nimda virus, that PC could immediately be cut off from the network, stopping the virus in its tracks. The same is true for a hacker. TriGeo would cut off the point of entry immediately. TriGeo's automated response protects your sensitive data assets at internet speed.
4. Notification
Problem
If your financial institution was attacked by a hacker or a virus, the network administrator may not realize it until the next day, or even the next week. This would give the perpetrator free reign of your network, thus opening your institution to more risk.
Solution
TriGeo provides a real-time, automated, event and attack notification. Security events can be linked to a specific set of notification options. If an attack occurs, your network administrator could be notified via email, cell phone, or pager - whichever was most appropriate, thus giving them ample time to intervene and respond appropriately.
5. Intrusion Detection System (IDS)
Problem
Intrusion Detection Systems can provide significant, real-time, information regarding activity on your network. Unfortunately, IDS adoption has been slowed by the cost and effort associated with these products.
Solution
TriGeo supports the leading commercial Intrusion Detection Systems, so we're able to integrate with your current network security tools. However, we also provide a customized, fully-configured, version of a public domain IDS product called Snort. This product ranks as one the top IDS products, including the commercial solutions. By packaging it with TriGeo, we're able to provide you with a sophisticated security tool without the complexity of installing and configuring it yourself.
6. Internal Attack
Problem
It is commonly reported that over 76% of all security breaches and attacks, are internally generated. If your network administrator does not have visibility down to the workstation level, it will be difficult for them to detect potential internal attacks, breaches in security or inappropriate system access. This situation adds to your overall risk.
Solution
TriGeo allows your network administrator to monitor internal workstation activity, including log-in, log-out, power-on, power-off, and password failure. In addition, Windows 2000 security event auditing allows TriGeo to track file and directory access attempts and failures. This helps identify potential internal attacks or security infractions, thus reducing risk to your operation, and increasing control of employee access to sensitive information.
