Case Study: Improving Cyber Security in Finance and Banking
Miles Technologies works with a bank to improve their cyber security and compliance for internal, state, and FDIC (Federal Deposit Insurance Corporation) banking audits.
A Commercial Bank
The client is a small community bank in New Jersey providing commercial banking services to its local area. It falls into the FDIC’s (Federal Deposit Insurance Corporation) “assets under $1 billion” category for auditing purposes. It’s important to them to ensure systems are always up-to-date with the latest in cyber security protection.
Outdated Firewall and Cyber Security Standards
When the client came to Miles, they initially had a Cisco 5510 firewall installed at their main location. The problem was that Cisco discontinued future OS releases for this firewall model which used the outdated TLS 1.0 protocol. New standards require TLS 1.2, and not being compliant would trigger warnings on most vulnerability scanning software.
Creating a Secure and Compliant Technical Environment
Our recommendation was to implement a Cisco ASA 5506-X firewall with FirePOWER Services and a two-step verification process (Duo Two-Factor Authentication) for an additional layer of protection.
Install a New Cisco Firewall
We started by implementing a firewall solution that would be compliant with the TLS 1.2 standard. Cisco’s threat-focused next-generation firewalls provide an IPS (Intrusion Prevention System), AMP (Advanced Malware Protection), and comprehensive URL filtering that met the client’s needs.
Improve Security Layers
To improve the firewall’s out-of-the-box security, we also implemented a two-step authentication process for users who remote into the network. This would ensure that malware from home computers couldn’t compromise the bank’s business systems and would comply with Safety and Soundness audits.
Install a TLS 1.2 Compliant Firewall and 2-Step Authentication
1 – Miles performed the initial setup of the Cisco firewall outside of the production environment. This included configuration of FirePOWER Services and VPN tunnels between the client’s websites.
2 – We then physically installed and tested the firewall in the bank’s production environment to ensure the following items were operational:
???Barracuda Web Security Gateway
???Connectivity to FIS system via FIS VPN router.
3 – To add an additional layer of security, we then implemented Duo Two-Factor authentication.
4 – Finalizing the project, an updated network diagram was sent to the client and the Cisco 5510 firewall was removed and properly disposed.
An Advanced Multi-Layered Cyber Security System
Banking Audit Compliance
The new Cisco firewall helps the bank comply with audits and industry standards.
Defense in Layers
The added Duo Two-Factor verification process creates a deeper layer of security to protect against cyber security attacks.
Remote Access Protection
The bank can now feel secure when employees remotely connect into the network from outside locations.
The increased security allows the bank to focus on the more important aspects of growing their business while we continue to monitor and improve their systems as part of our Miles Assurance Plan IT Managed Services.
Keeping Up With Cyber Security Compliance Standards
Cyber security is constantly evolving. With the Miles Assurance Plan, we continue working with our customers to ensure they remain compliant and secure. This involves continued research and development on the latest cyber security technologies and recurring gap analyses to ensure systems are in check. Any security or compliance policy is a living process that needs to be continually evaluated. As policies evolve, we adapt your technologies so you can always focus on what matters most: your business.