Technology has changed all manner of scenarios – even the classic bank robbery. The days of rolling up at a city bank armed with a balaclava, a firearm and a getaway car in tow are largely gone. Nowadays, data is far more valuable than physical money and, if banks aren’t careful, far more accessible. First Energy Bank of Bahrain has tackled this issue by implementing a data loss prevention (DLP) solution.
Confidential data protection and overall information security has become a top priority for CIOs of public and private organisations around the world. None more so than banks, where not only is most of the data sensitive, but where the data itself is the most sensitive to the user.
First Energy Bank of Bahrain (FEB), which is licensed by the Central Bank of Bahrain, was incorporated in Bahrain in June 2008 as the first Islamic investment bank entirely focused on the global energy sector. It has a security department with two employees and an IT department with five employees. The whole bank employees 66 members of staff.
In 2009 it began to recognise the exponential growth of data volumes and the increasing diversity of IT infrastructure. On top of that, the general workforce was getting more involved in using various web and mobile services – making information protection a great concern.
“Handling the volumes of data that come in and out of a bank is a very difficult task, especially when working in investment banking. We don’t deal directly with cash, but with data. We obviously handle a high volume of confidential data across a range of banking practices. Therefore it is important to have data classification,” says Ali Al Saegh, IT security manager at First Energy Bank of Bahrain.
More of a concern was the bank’s realisation that its security was not sufficient. “Before I joined in 2009 there was no security officer. When I arrived we agreed on a base line security and implemented three layers – firewalls, IPS and proxies. However, we then had an internal security breach. We only had antivirus – we didn’t have any control over things like device control and encryption,” Al Saegh explains.
This led to the bank getting encryption and DLP solutions from McAfee. However it encountered “a lot of challenges.”
“We came across some problems during the implementation process and some applications didn’t work with this agent of McAfee. We reached a point where we had to change. It was not compatible technically and disturbed some of our applications. It was also not practical in terms of usage,” Al Saegh says.
Selection
FEB wanted a new solution that was industry-proven, and evaluated several vendors. It sought a solution that would sufficiently safeguard its confidential information, “zeroday” documentation and a variety of other sensitive data from leakage and improper distribution, while simplifying security management with minimal IT resources.
Also among its major requirements was the need for full support of Arabic languages, while complying with general and banking industry-specific info security standards and regulations.
In November 2011, after a successful demonstration from InfoWatch, FEB decided to deploy the InfoWatch Data Lost Precention & Protection Enterprise Banking suite, including the vendor’s Traffic Monitor Enterprise & CryptoStorage Enterprise software solutions.
FEB said it selected InfoWatch over the rest of the competition not only due to its functionality, reliable performance and compliance, but also because of its expertise in addressing the specific banking business needs and fast time-to-benefit.
InfoWatch DLP Banking Suite comprises a set of preloaded banking-specific data processing and decision making rules (including the Arabian Linguistic Analysis Engine) and policies. It automatically detects banking-sensitive data and renders a comprehensive verdict on its further handling according to banking security or compliance policies.
“Another InfoWatch advantage is the capability of archiving terabytes of analytical data, including those from corporate email streams for further retrospective analysis and forensic compliance,” Al Saegh says.
The Suite secures confidential banking data by controlling its distribution and addresses critical security and compliance requirements. InfoWatch Traffic Monitor Enterprise delivers functionality of DLP both on gateway and endpoint levels.
CryptoStorage Enterprise enables transparent encryption of sensitive data on laptops, desktops, USB drives, optical media, local and network folders. It restricts access to encrypted data solely by the person who encrypted it.
Subsequently, an integrated InfoWatch Forensic Storage technology archives the data for further analysis and investigation, in compliance with banking security requirements.
“Our staff regularly communicates with thirds parties and we wanted to improve and enhance our ability to monitor or control this information exchange. We also had a large number of requests from our staff to use USB devices, which previously needed to go through a lot of checks and signatures from our management,” Al Saegh says.
“InfoWatch has now provided the solution for device control monitoring, which enables our team to use such devices whilst also allowing us to maintain control and the ability to monitor. InfoWatch monitors everything from VOIP (such as Skype) and USB devices through to email accounts and photocopiers,” he adds.
Implementation
The implementation took two weeks with no down time and Al Saegh says the bank’s employees didn’t even realise it was taking place.
He adds that the knowledge transfer was also easy, due to the basic knowledge FEB had accumulated from working with its previous DLP solutions. “The only thing that changed was the actual replacement of the old solution with InfoWatch. I can’t say there were any problems. InfoWatch has a very smooth implementation process and a very well organised system. FEB IT staff were trained personally by InfoWatch with no third parties involved.”
InfoWatch flew in from Russia especially to conduct the training. It also provided a one week training course onsite in Russia for the FEB IT team for technical issues, Al Saegh says.
The solution also scored points for FEB because it did not disrupt the IT infrastructure it had implemented already.
“It works in the background, so much so that users don’t even notice it being there. It has a minimal effect on the work station,” Al Saegh says.
In terms of results, the efficiency of the InfoWatch DLP Banking Suite and timeliness of its deployment was demonstrated within just 72 hours when InfoWatch Traffic Monitor Enterprise successfully prevented an internal security policy breach.
The incident was identified, blocked, captured and analysed by InfoWatch proprietary decision making engine, and then it was stored in the InfoWatch forensic storage archive for further processing.
“We witnessed an immediate demonstration of comprehensive functionally and the actual value this DLP solution had brought to our bank, which is definitely above all other previously tested solutions. We are delighted with InfoWatch’s technology excellence and expertise in the banking domain, which underlies its efficiency in preventing both accidental and intentional data loss. Partnership with InfoWatch secures our business in a complicated information environment,” Al Saegh says.
He adds that InfoWatch has provided FEB with a complete and personalised solution . It focuses on developing and providing comprehensive technologies dedicated to data loss prevention and protection, as well as risk management and compliance solutions. In addition to monitoring webmail such as Gmail and Hotmail, the implementation has also enabled FEB to keep tabs on network traffic, including HTTPS traffic, and device-level monitoring.
One area that Al Saegh would like addressed is for the reporting and enquiry tool to be more user friendly, but overall he says he is happy with the solution fulfilling FEB’s objective for all its data to be 100% secure to help it comply with the high institutional standards of banking.
Faced with the huge task of keeping a control over data and privacy, FEB also has a security committee, which undertakes data classification. Al Saegh concludes that the InfoWatch Banking Suite complements this process by studying each document to determine how sensitive the data is and how it should be handled.
Alexander Zarovsky, director of international sales and business development at InfoWatch, adds: “We are delighted to be part of this project to securely enable First Energy Bank’s business with our latest innovations to prevent security breaches and safeguard their most essential digital assets.
“This project clearly demonstrates that our data protection and encryption solutions meet today’s Middle East banking security and compliance standards. We are clearly committed to customer satisfaction and ready to support customer’s secure growth.”
