ObserveIT Case Study - Auditing remote access of employees at a leading financial institution by ObserveIT


More Info
									                                                                                                                 people audit

                                                    System Security and
                                                    Financial Control Reports
                                                    at Leumi Card
Case Study
                                                    Leumi Card Ltd. provides credit card and payment solutions throughout
                                                    Israel. Operating as a subsidiary of Bank Leumi, Israel's leading
                                                    commercial bank with $85 billion in assets, LeumiCard is one of the
                                                    largest credit card and payment solutions providers in the country.

“   This has dramatically
    decreased the number
                                                    LeumiCard’s infrastructure is managed in a highly-secured data center at
                                                    their corporate headquarters. The system platform runs on serveral
                                                    platforms, all with sensitive mission-critical applications.
    of user sessions on                             Ongoing operations and maintenance of these platforms require system
                                                    access by various privileged internal users, including software
    production machines.

Ofer Ben Artzy,
                                       ”            developers, system and storage infrastructure managers and application
                                                    managers. These users log in to production servers using RDP.
                                                    Corporate control reports require that LeumiCard be able to document
Manager of Infrastructure Systems
                                                    exactly what takes place on each production server, and to be able to
                                                    explain why the action was necessary.

LeumiCard deployed ObserveIT on their mission-critical servers in order achieve identity management, user policy messaging
and session recording. The first key to the solution involves shared-account (administrator) users being asked to provide
secondary named-user credentials, with userids validated via the company’s Active Directory system. This feature of
ObserveIT automatically guarantees that every single user session can be tied to a specific user.
Next, the user must acknowledge that s/he is aware that s/he is logging into a production server. “We discovered that this alone
has dramatically decreased the number of user sessions on production machines,” stated Ofer Ben Artzy, LeumiCard’s Manager
of Infrastructure Systems. “When you alert the users like this, they are more likely to find an alternative way to do their job via
secondary test servers, which means a reduced number of entries in my daily control reports that need to be reviewed.”
Finally, ObserveIT’s user session video recording captures a video replay of each user session. This portion of the solution
delivers the concrete evidence necessary when investigating security issues. Daily email control reports are delivered
automatically to each manager, according to area of responsibility. Each of these managers can then replay the sessions that
relate to their systems, if necessary. In addition, detailed control reports for any time period are issued ad-hoc according to
wider auditing requirements.

> Automated control reports with bulletproof evidence of user activity
> Decrease in unnecessary user activity on production servers
> Precise accountability that ties named users to each root admin access

info@observeit-sys.com | www.observeit-sys.com

To top