Florida’s Bank of the South Enables Continuous Compliance and Secures Customer Data with Netwrix Auditor
September 2016 by Marc Jacob
Netwrix Corporation, the first vendor to introduce a visibility and governance platform that supports on-premises, hybrid and cloud IT environments, today announced that Bank of the South, a Florida-based community bank, chose Netwrix Auditor to ensure the security of its customer data and facilitate compliance with regulatory standards.
As a financial institution, Bank of the South is subject to PCI DSS and GLBA standards, which focus on ensuring the integrity and security of customer data. To enable continuous compliance and pass audits faster, the bank needed an automated way to monitor all critical IT systems and user activity. They selected Netwrix Auditor, an easy-to-manage solution that delivers visibility into business-critical systems and quickly provides the required compliance reports.
Netwrix Auditor is a visibility and governance platform that enables control over changes, configurations and access in hybrid cloud IT environments to protect data regardless of its location. The platform provides security analytics to detect anomalies in user behavior and investigate threat patterns before a data breach occurs.
With Netwrix Auditor, Bank of the South gained the following benefits:
. Complete visibility into the IT environment. The software provides comprehensive visibility into all IT changes and access attempts in the bank’s most critical systems, including Active Directory, VMware and Windows Server. All data is summarized in a single console, enabling cross-system analysis and investigations of security incidents.
. Continuous compliance and stress-free audits. Netwrix Auditor automatically generates compliance reports that enable the bank to validate the required security controls, and includes an Interactive Search feature that makes it easy to answer auditors’ questions.
. User activity monitoring. The software provides visibility at the enterprise, system and user levels, as well as security and user behavior analytics, real-time alerts and video-recording of privileged user activity, protecting business-critical data from insider threats.
. Increased IT team efficiency. Automated reporting, notifications, Active Directory change rollback and other capabilities have significantly reduced IT workload and made the team more efficient. In addition, out-of-the-box compliance reports aligned with PCI DSS and GLBA standards enable the bank to have only one professional in charge of external audits and regulatory compliance examinations.
"I don’t think it would be possible to earn the rating we consistently receive from regulatory examiners without Netwrix Auditor. The main result we have achieved is visibility. I know what is going on everywhere at once. I know who can do what and who has done what. The platform makes compliance examinations quicker and easier. It would be impossible to complete some of the reporting without it. Now we save at least 40 hours per year," said James Brammer, Vice President and CISO, Bank of the South.
"Compliance is a pressing task even for large organizations with sufficient resources. For smaller businesses, it can become a nightmare due to high compliance requirements, time-consuming preparation for audits, additional expenses and so on," said Michael Fimin, CEO and co-founder of Netwrix. "Complete visibility into the IT infrastructure ensures a reliable audit trail of all user activities across business-critical IT systems to validate security controls and mitigate security risks. A clear understanding of what is going on enables organizations to strengthen data security and reduce the burden of compliance audits by proving to compliance auditors that any activity is easily traceable."