Varonis Systems, a provider of software solutions for unstructured, human-generated enterprise data, today revealed details of how it has helped ING Direct ensure its systems are secure and that customers' interests are protected at all times.
Using Varonis DatAdvantage, the bank is able to monitor who is accessing and changing records to guarantee that all actions are authorised. It also allows ING DIRECT to visualise and manage permissions, which helps to meet regulatory obligations.
DatAdvantage details each time critical files are changed or modified, at what time and by whom, as Kash Sharma, Identity Management for ING DIRECT explains, "Being a bank, we monitor practically everything an individual does on our network. For example, we have payments that are scheduled to be sent overnight to other banks and financial institutions.
There is a cut-off point when these files are no longer allowed to be modified. DatAdvantage allows us to schedule and circulate a report that details each time the files are changed or modified, at what time, and by whom. Someone then manually checks the reports to make sure that everything has been authorised and conducted correctly and that none have been tampered or interfered with."
In addition, DatAdvantage is invaluable to ING DIRECT's access provisioning. Previously, each folder's permissions had to be examined individually - a time consuming process. With its bi-directional view of permissions, DatAdvantage quickly maps all groups and users to the data they're able to access. This allows ING DIRECT to visualize and manage its permissions from a single interface. Kash adds, "The system access administrators use DatAdvantage on a daily basis to check permissions and usage on all our folders, and easily simulate and execute any clean ups that they need to, based on its recommendations."
With strict regulation requirements imposed on the financial sector, DatAdvantage helps ING DIRECT meet some of its compliance obligations. Kash concludes, "Varonis gives us the monitoring view that we lacked previously - in terms of regulation, on a file server level. It's even helping the IT operation team troubleshoot as they can see if there have been any permissions changed, especially if they've caused a problem, and can identify what it was and then work backwards from there to fix the issue."