|
The Customer:
A leading bank with large-scale operations in the Middle East.
The Challenge:
The bank is among the top-ten banks in the Middle East. It offers a wide range of
consumer and commercial banking products and services like checking, savings,
commercial and retail credits, bank assurance products, credit cards, trade
finance and foreign exchange to about 50,000 customers who mostly utilize
retail banking services. Regulatory authorities have advised banks to seek a
comprehensive external audit at least once in 3 years in their overall IT
infrastructure, including the security aspects. As a progressive bank, the bank
wished to have in place security policy and processes to conduct the audit at
shorter intervals.
Recommended Solution:
i-flex consultants used a combination of interviews/discussions with the bank's
officials and documentation and reports. Recommendations were
made on the following:
 |
security framework and procedures |
|
gaps in security
procedures |
|
system security
policy to address gaps |
Customer Benefits:
Major benefits accrued from i-flex's
consultative approach of total identification of security
loopholes were:
|
a critical evaluation
of the current security level at the main computer center and other
branches |
|
a listing of
potential threats as perceived by the consultants on all domains, namely
desktop, server, network, and intranet. These could be internal as well as
external threats |
|
risk assessment based
on the identified threats |
|
recommendations for
reducing the vulnerabilities and the risks associated with the threats |
|
design of an optimal
security policy based on a review of the bank's current security policy and
additional inputs from the outcome of the assessment exercise |
|