The banking and financial industry has always been a major target for security attacks and breaches, primarily due to the nature of the industry. In addition, most of the large players have been increasing their footprints across regions through organic as well as inorganic growth, which has resulted in increased complexity and operating costs, on top of the ever-present regulatory and compliance pressures.
The client, one of the largest financial corporations based in America, was overwhelmed by monitoring and analyzing the huge number of events generated by its large network infrastructure, which comprises numerous firewalls, IDS/IPS and proxies. It wanted an IT partner who could ensure high standards of security, respond quickly to keep projects on track, consistently perform to high standards and continually seek out new ways to reduce operating costs.
The client also wanted to ensure proactive security measures through 24x7 monitoring of the actions that privileged users performed on 6000+ devices spread across various platforms, viz. Wintel, Linux, Teradata, etc.
Wipro provided a managed security services engagement focusing on Network Security and Privileged Event Monitoring.
Wipro focused its solution on the following key tenets:
- 24x7 monitoring of the entire network infrastructure by configuring correlation rules to notify on a security breach. Configured and scheduled reports for uncontrolled, demilitarized zone and intranet traffic to understand and baseline the traffic activity in the network template
- Proactive monitoring of the network infrastructure to flag positive or negative spikes (signs of a breach) on any of the devices
Generated, analyzed and maintained the privileged activity reports on a daily basis with a retention period of 13 months. This is a mandatory requirement under the controls enforced by the risk policy and is also required for the internal and external SOX audits.
Wipro took over additional processes and responsibilities with the current team strength. These included detecting and remediating malware infections across the network using FireEye MPS and McAfee ePO, and working with the client’s threat intelligence team and the Blue Coat proxy team on categorizing websites/URLs (as phishing, malicious, etc.) based on the intelligence reports.