Banking on Efficiency

Banking on Efficiency

Maintaining financial services compliance requirements

Operating in more than 4,000 buildings, one of the largest U.S. banks could not keep up with the onboarding and off-boarding of 300,000-plus employees, contractors, vendors and visitors.

Thousands of people were involved in approving building access, all working in different departments at different locations, each with their own manual processes and compliance requirements. The sheer number of identities to manage was overwhelming and consisted of cumbersome, manual processes using multiple emails and phone calls across the organization.

It often took days to get a new employee an access card. Scarier yet were delays in removing an identity from the system, giving ex-employees and non-employees access after their termination dates. All of the manual processes above bogged down the Security Operations department in volleying emails, running reports and doing endless data entry. Rather than hire more people to resolve these issues, the bank looked at technology to streamline its operations, increase efficiencies and manage identities.

Identity Compliance

Maintaining financial services compliance requirements by manually auditing individual access privileges was nearly impossible. The Security Operations audit process consisted of Excel sheets that were shared and reviewed securely by various teams but took months to complete. The bank was falling out of compliance and wasting money.

Implementing AMAG Technology’s Symmetry CONNECT web-based identity management platform with Symmetry Access Control automated all of these manual processes. Automated notifications sent via CONNECT workflow automated re-certifications and access requests, allowing the bank to enforce compliance requirements.

The bank faced many challenges, but one of the most significant were the manual onboarding and off-boarding process for the more than 300,000 employees, vendors and contractors. The email- and paper-based access request process involved thousands of local approvers, lacked a cost effective way to review, audit or complete access privileges, and created an inefficient security department based on a centralized security architecture.

Other challenges made it impossible to enforce corporate audit and security policies and implementation of a homegrown system that produced a 31 percent completion rate of quarterly access audits.

Streamlined Access

Using this solution allowed the banking system to use a policy-based identity management platform to automate all manual processes, improve efficiencies, reduce risk and help bank meet audit and compliance requirements, register more than 3,000 access area owners, and provide notifications and escalations to be automatically sent to access owners and managers during audits to enforce compliance.

Banking staff have been able to complete quarterly audits per corporate policy, streamline the access request process and eliminate all manual work efforts, as well as implement distributed security architecture to more efficiently manage identities.

With this solution, the bank achieved automated on and off boarding, the distributed model, increased efficiencies meant faster turnaround with lower labor cost and automated workflow provided simple method for access area owners to action access requests. The bank estimated that it will save more than $1 million in annually and be able to create audit reports instantly to meet compliance requirements. This update also will reduce access confirmation audits from more than 1 million to 500,000 and provide 100 percent completion of every quarterly audit since implementation.

Using the identity management software, the bank restructured its operations to a distributed model, allowing access owners to action access requests, audit their secure areas and manage identities with the click of a button. This eliminated the security team bottleneck, saved the bank millions of dollars in labor and created a safer environment. Detailed audit reports allowed the bank to prove that compliance requirements were met and maintained over time.

This article originally appeared in the February 2018 issue of Security Today.

About the Author

Kim Rahfaldt is Director of Media Relations at AMAG Technology, Inc., based in Torrance, Calif.

Featured

  • Live From ISC West: Day 2 Recap

    If it’s even possible, Day 2 of ISC West in Las Vegas, Nevada, was even busier than the first. Remember to keep tabs on our Live From ISC West page for news and updates from the show floor at the Venetian, because there’s more news coming out than anyone could be expected to keep track of. Our Live From sponsors—NAPCO Security, Alibi Security, Vistacom, RGB Spectrum, and DoorKing—kept the momentum from Day 1 going with packed booths, happy hours, giveaways, product demonstrations, and more. Read Now

    • Industry Events
    • ISC West
  • Visiting Sin City

    I’m a recovering alcoholic, ten years sober this June. I almost wrote “recovered alcoholic,” because it’s a problem I’ve long since put to bed in every practical sense. But anyone who’s dealt with addiction knows that that part of your brain never goes away. You just learn to tell the difference between that insidious voice in your head and your actual internal monologue, and you get better at telling the other guy to shut up. Read Now

  • On My Way Out the Door

    To answer that one question I always get, at every booth visit, I have seen amazing product technology, solutions and above all else, the people that make it all work. Read Now

    • Industry Events
    • ISC West
  • Return to Form

    My first security trade show was in 2021. At the time, I was awed by the sheer magnitude of the event and the spectacle of products on display. But this was the first major trade show coming out of the pandemic, and the only commentary I heard was how low the attendance was. Two representatives from one booth even spent the last morning playing catch in the aisle with their giveaway stress balls. Read Now

    • Industry Events
    • ISC West

Featured Cybersecurity

New Products

  • PDK IO Access Control Software

    PDK.IO Access Control Software

    ProdataKey now allows for "custom fields" within the interface of its pdk.io software. Custom fields increase PDK's solutions' overall functionality by allowing administrators to include a wide range of pertinent data associated with each user. 3

  • Tyco Kantech EntraPass security management software

    Tyco Kantech EntraPass security management software

    Johnson Controls, the global leader in smart, healthy and sustainable buildings, and architect of the Open Blue digital connected platforms, has released the newest version of the Tyco Kantech EntraPass security management software. 3

  • Unique Oversized ID Card Printer

    Unique Oversized ID Card Printer

    Idesco Corp. is announcing its card printer – the XCR100 2.0 printer- that allows customers to personalize oversized ID cards on demand. The printer is ideal for assisting healthcare organizations find the right badging solution. As healthcare facilities continue to combat the spread of COVID-19, issuing oversized ID cards has helped identify staff clearly while adding an extra layer of security. The XCR100 2.0 printer is the only dye-sublimation printer on the market that can personalize CR100 cards (3.88" x 2.63"). The cards that are 42% larger than the standard credit card size. The printer can produce up to 180 full cards per hour in color, and up to 1,400 cards per hour in monochrome. An optional flipper is available to print dual-sided badges in one pass. Contactless encoding comes as an option to help healthcare facilities produce secure access badges on demand and the card printer features a 2-year warranty. 3