Financial Industry Security Solution

Financial Institutions Manage and Mitigate Risk More Effectively with Bit9 + Carbon Black.

Bit9 + Carbon Black’s advanced threat detection, incident response and prevention solutions for endpoints and servers help financial organizations close the security gap exploited by targeted attacks and unknown malware that antivirus solutions cannot stop.

Providing visibility into endpoints and servers and preventing all unauthorized software from running, Bit9 + Carbon Black helps investment firms, banks and insurance providers take back the endpoint to protect customer data and transactions, comply with regulations including SOX, GLBA, BASEL II, FRC / CSOX and SSAE16 / ISAE 3402 and avoid costly service disruptions.

How Bit9 + Carbon Black Help the Financial Industry Achieve Endpoint & Server Security

Bit9 + Carbon Black’s endpoint threat detection and response capabilities enable financial organizations to leverage threat intelligence feeds and shared indicators of compromise to detect malware and malicious activity that evades traditional defenses. Once a malicious or suspicious activity is detected, Bit9 + Carbon Black provides your response team with the most relevant information needed to investigate an incident, reducing investigation time from days or weeks to minutes or hours.

Bit9 + Carbon Black’s endpoint threat prevention capabilities enable financial institutions to define the software that is trusted to run within the organization and block everything else by default. With Bit9 + Carbon Black’s threat prevention tools, organizations are able to reduce their threat surface by proactively preventing known malware, unknown malware and attacks that leverage zero-day vulnerabilities.

With Bit9 + Carbon Black, you can:

  • Prevent targeted attacks and malicious software that easily evade traditional security solutions.
  • Enforce portable storage device controls that apply read, write and execute policies to both data and software on USB drives and other removable media, blocking ALL unauthorized devices.
  • Improve IT system performance by standardizing endpoint configurations.
  • Audit and report on all software changes to demonstrate compliance.
  • Reduce TCO by lowering the number of support helpdesk calls.

2002 Sarbanes-Oxley Act (SOX)

The 2002 Sarbanes-Oxley Act (SOX) requires public companies to adhere to a set of standards for financial reporting and corporate disclosure. SOX compliance has placed an enormous burden on companies. Not only does SOX call for the establishment of IT controls over financial systems, but it also requires companies to consistently evaluate these controls for efficacy. Without an automated solution to control and audit change on financial systems, achieving SOX compliance becomes a time-consuming exercise that pulls valuable IT staff away from critical operational responsibilities.

Simplify SOX Compliance

Even if the reality of SOX feels complicated, the spirit behind it is simple: to secure sensitive data, organizations need to understand exactly what is happening with their financial systems at all times. This cannot be done with a point-in-time snapshot; it requires a systemic approach that allows organizations to achieve compliance without so tightly controlling their financial systems that they are rendered useless.

The Bit9 Security Platform simplifies SOX compliance with:

Visibility:

  • Live Inventory: real-time view of all applications on all systems at all times
  • Baseline Drift: establish baselines to define approved configurations
  • Compliance at a Glance: visually isolate, from as many as 250,000 systems, those out of compliance
  • Audit Trail: track software changes regardless of source or content

Control:

  • Application Whitelisting: ensure only trusted and approved software is allowed to run
  • Real-time Alerts: instantly know when a system drifts away from your baselines
  • Change-aware Baselines: automatically add approved software to baselines
  • Device Control: unauthorized use of personal storage devices can be blocked on a user or device basis


GLBA – Gramm-Leach-Bliley Act

The Gramm-Leach-Bliley Act (GLBA) requires companies defined under the law as “financial institutions” to ensure the security and confidentiality of customer information. As part of its implementation of GLBA, the Federal Trade Commission (FTC) issued the Safeguards Rule, which requires financial institutions under FTC jurisdiction to have measures in place to keep customer information secure.

The Bit9 Security Platform enhances GLBA compliance with its visibility capabilities. The ability to audit directories containing financial data, and to control and build trust around the software used to work with that data, is key to maintaining and assessing compliance. Bit9 also assists in ensuring the compliance and audit of the security policy out to the end-users.

The platform also provides the only endpoint sensor that continuously monitors and records all activity on an endpoint, server or fixed-function device.

Companies are also required to perform security risk assessments, develop and implement security solutions that effectively detect, prevent, and allow timely incident response, and perform auditing and monitoring of their security environment.

The Bit9 advanced threat protection solutions for endpoints and servers provide real-time file tracking that facilitates a live inventory of all executable files that currently reside on all of your systems, as well as any executable that has ever been on a computer regardless of its current status, allowing you to identify high-risk files quickly and accurately.

Bit9 provides controls that minimize the risk of malicious, illegal and unauthorized software that can create vulnerabilities and enable targeted attacks, by preventing the installation or execution of unauthorized applications and the use of unauthorized portable storage devices. In addition, Bit9 assists in ensuring the compliance and audit of the security policy out to the end-users.

BASEL II

BASEL II consists of recommendations by bank supervisors and central bankers to improve the consistency of capital regulations internationally, make regulatory capital more risk sensitive, and promote enhanced risk-management practices among international banking organizations.

The key functional area for Bit9 that enhances BASEL II compliance is built around visibility. The ability to audit directories containing financial data, and to control and build trust around the software used to work with that data, is key to maintaining and assessing compliance.

FRC (UK) & Bill 198 / CSOX (Canada)

The Financial Reporting Council (FRC) empowers regulatory and audit agencies in the UK to monitor and take action to promote the quality of corporate reporting and auditing as well as enforce the controls that are associated with the security of financial information.

Bill 198 / CSOX empowers the Ontario Securities Commission to develop guidelines to protect investors in public Canadian companies by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws.  The law was tabled after SOX in the United States and makes it mandatory to have full audit capability on financial information.

The Bit9 Security Platform enhances the ability to control and audit areas within the enterprise that contain critical or sensitive financial data.  It can both audit and report on all software that is responsible for accessing such data while providing complete coverage on any software changes that could lead to undesired access to the data.  Bit9 can also assist with enforcing, controlling, and auditing the financial security compliance policy throughout the organization in order to prove awareness and consumption of the general end user policy.

Statement of Standards for Attestation Engagements (SSAE) Compliance Standard 16

The American Institute of Certified Public Accountants developed the Statement on Auditing Standards SSAE 16 (formerly SAS70). Organizations that successfully complete an SSAE 16 audit have been through an in-depth audit of their control activities, including controls over IT and related processes. The standard allows a company to provide a third-party certification of its internal controls to customers.

The Bit9 Security Platform enhances the ability to control and audit areas within the enterprise that contain critical or sensitive financial data.  It can both audit and report on all software that is responsible for accessing such data while providing complete coverage on any software changes that could lead to undesired access to the data.  Bit9 can also assist with enforcing, controlling, and auditing the financial security compliance policy throughout the organization in order to prove awareness and consumption of the general end user policy.
