Customer Success Story: ING DIRECT
Download the Case Study
“We have about five or six critical files and file types that we monitor. For example, we have payments that are scheduled to be sent overnight to other banks and financial institutions. There is a cut-off point when these files are no longer allowed to be modified. DatAdvantage allows us to schedule and circulate a report that details each time the files are changed or modified, at what time, and by whom. Someone then manually checks the reports to make sure that everything has been authorised and conducted correctly and that none have been tampered or interfered with.” – Kash Sharma, Identity Management for ING DIRECT
Location: Sydney, Australia
Industry: Financial Services - Retail Banking
ING DIRECT is the world's leading direct savings bank and is wholly owned by ING Group. Over 950 employees look after the interests of 1.4 million customers – offering various banking services for both business and personal customers, from current accounts to savings, mortgages and loans. ING DIRECT’s IT environment is predominantly Windows, with a few Linux servers.
Holder of an Australian banking licence since 1999 and regulated by the Australian Prudential Regulation Authority (APRA) like all other Australian banks, ING DIRECT must ensure its systems are secure and that customers’ interests are protected at all times.
For this reason, file monitoring was identified as an area that could be tightened. Kash Sharma, Identity Management Analyst for ING DIRECT, recalls, “Being a bank, we monitor practically everything an individual does on our network, but we were missing file server monitoring. There was a drive from head office to perform a review and clean-up of all of our unstructured data - which included all of our folder access. This wasn’t something we could do manually, nor did we have existing solutions to help, so we had to look for a solution.”
At a 2012 conference, a member of the ING DIRECT management team expressed their IT challenges and what came out of the conference resulted in an invitation for Varonis to present DatAdvantage. The presentation quickly proved Varonis; suitability and the project moved forward to proof of concept.
DatAdvantage was installed and began monitoring one of ING DIRECT’s production fileservers, containing real data. Kash adds, “I conducted the proof of concept with just some basic requirements initially, to determine how we could use it. Very quickly, in just a few days in fact, we were able to get a good feel for just how much the solution could offer us. It was evident that Varonis DatAdvantage could deliver the vital intelligence we were lacking.”
In just a matter of weeks, ING DIRECT moved forward from proof of concept to full roll out.
DatAdvantage monitors every touch of every file within ING DIRECT’s file system and stores activity in a normalised database that is sortable and searchable. With detailed information on every file event provided, all this metadata can be reported on and provided to data owners.
Kash explains the relevance of this functionality against ING DIRECT’s requirements, “We have about five or six critical files and file types that we monitor. For example, we have payments that are scheduled to be sent overnight to other banks and financial institutions. There is a cut-off point where these files are no longer allowed to be modified. DatAdvantage allows us to schedule and circulate a daily report that details each time the files are changed or modified, at what time and by whom. Someone from the security monitoring team then manually checks the reports to make sure that everything has been authorised and conducted correctly and that none have been tampered or interfered with.”
Another area that DatAdvantage is proving invaluable is access provisioning – a key driver of this project. Previously, each folder had to be examined individually – a time consuming process. With its bi-directional view of permissions, DatAdvantage quickly maps all groups and folders. This allows ING DIRECT to view and manage its permissions from a single interface. Kash continues, “The system access administrators use DatAdvantage on a daily basis to check permissions and usage on all our folders, and easily simulate and execute any clean ups that they need to, based on its recommendations.”
ING DIRECT’s approach has been to work on its critical business units first - such as finance and treasury, and then work down. During this ‘clean-up’, in partnership with data owners, redundant groups have been identified and deleted, and folders that have not been accessed for the last six or seven months marked for archive. Kash adds, “It would have to a massive and time consuming task had we attempted this clean-up without a solution like Varonis”.
The financial sector is heavily regulated and DatAdvantage is helping ING DIRECT meet some of these requirements. Kash concludes, “Varonis gives us the monitoring view that we lacked previously - in terms of regulation, on a file server level. It’s even helping the IT operation team trouble-shoot as they can see if there have been any permissions changed, especially if they’ve caused a problem, and can identify what it was and then work backwards from there to fix the issue.”
Help Meet Strict Regulation Requirements
With strict regulation requirements, DatAdvantage gives ING DIRECT the monitoring view it previously lacked - on a file server level.
Every File Touch Within Ing Direct’s Systems Captured
DatAdvantage details each time critical files are changed or modified, at what time and by whom.
Quickly Identify The Permissions For Groups And Folders
ING DIRECT’s system administrators use DatAdvantage on a daily basis to check permissions and usage on all folders, and based on its recommendations, easily perform any clean ups.