FFIEC News

Bank Shows Good Security Doesn't Have to Be Complicated

(July 31, 2008)-- Like a lot of IT Security specialists these days, Randy Lindberg has plenty of work to do and never enough time in which to do it. So when Lindberg wanted to upgrade the existing security management system to better monitor his organization's network for regulatory compliance and security purposes, straightforward, simple implementation, hassle-free operation, and immediate results were paramount concerns. His choice? A security information event management (SIEM) system called Cinxi from High Tower Software based in Orange County, California.

Lindberg is the IT Security Lead for Banner Bank, a fast-growing banking and financial services provider based in the Pacific Northwest. From company headquarters in Walla Walla, Washington, Lindberg's staff is charged with ensuring network security for some 1,200 employees and tens of thousands of customers across the organization's 86 branch offices and 12 loan offices in Washington, Oregon and Idaho.As a publicly traded financial institution, Banner is subject to a host of federal, state and industry regulations regarding information security -- a fact ever-present in Lindberg's mind.

"The biggest drivers we had in implementing a SIEM were compliance and security analysis," he said. "We have to meet FFIEC (Federal Financial Institutions Examination Council) guidelines, GLBA (Gramm-Leach-Bliley Act) requirements and PCI (Payment Card Industry) standards, to name a few."

In order to help meet that alphabet soup of regulations Lindberg turned to High Tower's Cinxi SIEM platform. Cinxi monitors messages from hundreds of network devices -- firewalls, routers, servers, anti-virus systems, desktops, etc. -- and analyzes the information for patterns that might indicate a policy violation or attempted security breach. When such patterns are detected, the system triggers an alert to Lindberg's staff indicating the severity of the incident, the network assets involved and a course of action.

"Monitoring just one thing on the network, such as the firewall, isn't enough," Lindberg said. "It's important to get a full view of everything that's happening. Cinxi's flexibility in terms of the variety of device logs it can capture and activities it can correlate means we see what's going on across the entire network at any moment."

Incorporating so many pieces from a network like Banner's is no easy task -- another aspect of Cinxi Lindberg appreciates, particularly in light of past experiences with other products.

"They required a significant amount of resources to operate. By comparison, High Tower's Cinxi was very easy to implement and even easier to manage," Lindberg said. "We're very low on time. We were able to install Cinxi in a very short time and now it plows through gobs of our network data and brings the real threats to the forefront. It's a huge time and energy saver for us."

Now that Lindberg has covered Banner's bases from a compliance and security event analysis standpoint, his team is exploring what more they can do with Cinxi.



Visit Banner Bank on the Web at www.bannerbank.com.

Share or bookmarklet this web page at: