By admin, February 17, 2017
The continuous pressure on financial organizations like Orbis Financial to effectively secure their networks extends beyond preventing intrusion from outside attacks. There are as many internal threats, exponential APTs, identity thefts, frauds and other complex means to compromise both corporate and client information and financial assets. To that end, organizations like Orbis are subject to rigorous oversight by regulatory agencies to ensure compliance with best security practices. In fact, Orbis is subject to more than 36 audits per year. Each of these audits is comprehensive, which strains the bandwidth of the personnel responsible for maintaining the requirements. A considerable part of the issue was the disparate silos of security information required to be analyzed in advance of these audits.
According to Mani Kant Singh, Orbis’ Head – IT & CISO, “We had to maintain so many logs, which get generated from many devices; store them, back them up and restore them for the audit requirement. It was not only cumbersome, but deflected focus away from our core business.”
Additionally, in accordance with its fiduciary commitment to clients and shareholders, Orbis was committed to providing elite security and risk mitigation services. Towards that goal, Orbis also needed to minimize the CapEx impact and expenses of a lingering phased deployment that traditional security solutions often incur.
After analyzing several alternatives, Orbis Financial chose Leo TechnoSoft’s Intelligence Driven Security Operation Center SIEM, i.e. CloudAccess, to serve as the cornerstone of its security management initiative. Apart from the enterprise-comparative feature set, Orbis was intrigued by Leo TechnoSoft’s unique hybrid SOC approach that reduced their capital expenditures towards the project to virtually nil. The data remains safely behind existing secure firewalls and on-premise, and local sensors collect all the logs and send them encrypted (via VPN) to the powerful, cloud-based correlation engine. Leo TechnoSoft’s Intelligence Driven SOC SIEM was able to analyze all the logs in real time and provide the necessary visibility to find usage anomalies and other potential alerts requiring actionable intelligence.
Leo TechnoSoft’s Intelligence Driven SOC SIEM provided Orbis enhanced capabilities to better manage event, application, vulnerability and machine data in order to identify and prevent compliance policy violations found on the network or host-based systems. This meant new, improved visibility and the capability to deal with various threats and frauds and to apply behavior analysis, all without adding any hardware or capital expenses. This also created a new policy flexibility which gave analysts complete visibility into the granular reporting necessary to satisfy all the compliance audits. In fact, since Leo TechnoSoft’s Intelligence Driven SOC has been in service, Orbis has not failed a single audit, nor incurred any compliance fines.
Orbis used the centralized dashboard of Leo TechnoSoft’s Intelligence Driven SOC SIEM to “make the right decisions at the appropriate time” and augmented its staff with additional security-as-a-service analysts (maintained as a value-added service from Leo TechnoSoft) to keep up with the 24/7/365 monitoring demand.
Orbis gives Leo TechnoSoft’s Intelligence Driven SOC SIEM high marks across the board. Not only has Orbis been able to continuously meet the requirements of the multiple compliance agencies, but it has also noted definitive improvements in 5 mission-critical areas:
Increased visibility has obviously produced comprehensive ability to detect advanced threats, apply 24/7/365 monitoring across the enterprise (including privileged accounts), and provide actionable intelligence, vulnerability scans and risk routing, but more specifically:
In terms of the “bottom line,” Orbis was not required to spend any capital expenditure budget and was able to scale to the existing deployment in less than 90 days.
Leo TechnoSoft’s Intelligence Driven SOC facilitated maximum uptime of the enterprise including secure access to key applications. This translated into a 50% improvement in customer service based on reduced service calls and end-user survey responses.
Improved market share:
ABOUT LEO TECHNOSOFT’S Intelligence Driven SOC:
Leo TechnoSoft’s Intelligence Driven SOC is an integrated stack of security solutions – Security Incident and Event Management (SIEM), Identity and Access Management (IDM), Privilege Identity Management (PIM) and Cloud Access Security Broker (CASB) – which is built on Security Big Data. Leo TechnoSoft’s Intelligence Driven SOC is the only SOC that can correlate Device Events, Identity, Access and Context together to predict advanced risks and threats across all IT layers. Leo TechnoSoft’s Intelligence Driven SOC has an inbuilt Security Analytics capability, which collects events from all integrated security solutions to conduct analytics on user behaviors, activities, security events and threats, and identities.
Leo TechnoSoft’s Intelligence Driven SOC
Intelligence Driven SOC with Integrated Security Solutions to move enterprise from “incident response” to “continuous response” for Advance Threat. Intelligence Driven SOC includes