Banking on Efficiency

Banking on Efficiency

Maintaining financial services compliance requirements

Operating in more than 4,000 buildings, one of the largest U.S. banks could not keep up with the onboarding and off-boarding of 300,000-plus employees, contractors, vendors and visitors.

Thousands of people were involved in approving building access, all working in different departments at different locations, each with their own manual processes and compliance requirements. The sheer number of identities to manage was overwhelming and consisted of cumbersome, manual processes using multiple emails and phone calls across the organization.

It often took days to get a new employee an access card. Scarier yet were delays in removing an identity from the system, giving ex-employees and non-employees access after their termination dates. All of the manual processes above bogged down the Security Operations department in volleying emails, running reports and doing endless data entry. Rather than hire more people to resolve these issues, the bank looked at technology to streamline its operations, increase efficiencies and manage identities.

Identity Compliance

Maintaining financial services compliance requirements by manually auditing individual access privileges was nearly impossible. The Security Operations audit process consisted of Excel sheets that were shared and reviewed securely by various teams but took months to complete. The bank was falling out of compliance and wasting money.

Implementing AMAG Technology’s Symmetry CONNECT web-based identity management platform with Symmetry Access Control automated all of these manual processes. Automated notifications sent via CONNECT workflow automated re-certifications and access requests, allowing the bank to enforce compliance requirements.

The bank faced many challenges, but one of the most significant were the manual onboarding and off-boarding process for the more than 300,000 employees, vendors and contractors. The email- and paper-based access request process involved thousands of local approvers, lacked a cost effective way to review, audit or complete access privileges, and created an inefficient security department based on a centralized security architecture.

Other challenges made it impossible to enforce corporate audit and security policies and implementation of a homegrown system that produced a 31 percent completion rate of quarterly access audits.

Streamlined Access

Using this solution allowed the banking system to use a policy-based identity management platform to automate all manual processes, improve efficiencies, reduce risk and help bank meet audit and compliance requirements, register more than 3,000 access area owners, and provide notifications and escalations to be automatically sent to access owners and managers during audits to enforce compliance.

Banking staff have been able to complete quarterly audits per corporate policy, streamline the access request process and eliminate all manual work efforts, as well as implement distributed security architecture to more efficiently manage identities.

With this solution, the bank achieved automated on and off boarding, the distributed model, increased efficiencies meant faster turnaround with lower labor cost and automated workflow provided simple method for access area owners to action access requests. The bank estimated that it will save more than $1 million in annually and be able to create audit reports instantly to meet compliance requirements. This update also will reduce access confirmation audits from more than 1 million to 500,000 and provide 100 percent completion of every quarterly audit since implementation.

Using the identity management software, the bank restructured its operations to a distributed model, allowing access owners to action access requests, audit their secure areas and manage identities with the click of a button. This eliminated the security team bottleneck, saved the bank millions of dollars in labor and created a safer environment. Detailed audit reports allowed the bank to prove that compliance requirements were met and maintained over time.

This article originally appeared in the February 2018 issue of Security Today.

About the Author

Kim Rahfaldt is Director of Media Relations at AMAG Technology, Inc., based in Torrance, Calif.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Survey: Only 13 Percent of Research Institutions Are Prepared for AI

    A new survey commissioned by SHI International and Dell Technologies underscores the transformative potential of artificial intelligence (AI) while exposing significant gaps in preparedness at many research institutions. Read Now

  • Survey: 70 Percent of Organizations Have Established Dedicated SaaS Security Teams

    Seventy percent of organizations have prioritized investment in SaaS security, establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions. This was a key finding in the fourth Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities released today by the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Mobile Applications Are Empowering Security Personnel

    From real-time surveillance and access control management to remote monitoring and communications, a new generation of mobile applications is empowering security personnel to protect people and places. Mobile applications for physical security systems are emerging as indispensable tools to enhance safety. They also offer many features that are reshaping how modern security professionals approach their work. Read Now

Featured Cybersecurity

Webinars

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3