SWIFT Customer Security Programme with
Ekran System

A single flexible software platform to empower your compliance

WHAT IS SWIFT CUSTOMER SECURITY PROGRAMME

rounds

The SWIFT Customer Security Programme (CSP) was established in 2017 and updated in 2019. The SWIFT CSP obliges any financial organization that uses SWIFT services to fully comply with 19 mandatory security controls by the beginning of 2020 and to take all reasonable efforts to meet 10 advisory security controls that together comprise the SWIFT Customer Security Controls Framework.

This framework translates industry security best practices and guidelines into three key objectives:

  • Secure your environment
  • Know and limit access
  • Detect and respond

To meet SWIFT security requirements, companies need to:

  • Audit their current infrastructure to define specific requirements and limitations
  • Evaluate deployed security products and policies against mandatory controls
  • Develop a policy update plan to ensure compliance while relying on existing tools
  • Consider deploying specific software that meets both mandatory and advisory controls

The Ekran System® insider threat protection platform is your powerful ally in adopting SWIFT Customer Security Controls.

  • Servers, jump servers, and desktops
  • Virtual and physical infrastructures
  • Any network architecture and hybrids
  • All essential features combined

The most complete set of supported platforms

More on supported platforms

Secure your SWIFT infrastructure with Ekran System

Secure your environment

Deploy Ekran System to control the use of admin accounts, protect local SWIFT infrastructure from third-party vendor-related risks, and prevent unauthorized access to critical assets.

Ekran System covers controls 1.1, 1.2, 1.3A, 2.8A, and 3.1 thanks to these features:


  1. SWIFT username monitoring to identify users logged into the SWIFT network
  2. Secondary authentication to identify users of shared accounts and control their access
  3. Out-of-the-box support for virtual environments to protect virtualization platforms
  4. Password management to grant protected third-party access to the secure zone
  5. Temporary access permissions that can be reviewed, extended, or revoked
  6. USB device management and monitoring for blocking prohibited devices and restricting access to specific USB ports
PASM

Know and limit access

Use Ekran System to enforce need-to-know access, the principle of least privilege, and segregation of duties for operator accounts while securing SWIFT systems with multi-factor authentication using Ekran System.

Ekran System covers controls 4.2, 5.1, and 5.4 thanks to these features:


  1. A free two-factor authentication tool for secure authentication
  2. Password management to secure credentials and mask symbols entered in password fields
  3. One-time passwords that can be generated automatically or manually by security administrators
  4. Integration with ticketing systems for validating the purpose of actions
  5. A password vault for encrypted and secure password storage
  6. Privileged access management to monitor and audit privileged activity
Identity-Management

Detect and respond

Comply with the SWIFT Customer Security Controls Framework and secure your local SWIFT environment by recording events and detecting malicious actions. Enhance your cybersecurity incident response planning with Ekran System’s centralized GUI for analyzing incidents and reacting to any that are detected.

Ekran System covers controls 6.4 and 7.1 thanks to these features:


  1. Video recording to log user sessions in a searchable video format and provide remote IP addresses and host details
  2. Audio recording to capture input and output audio streams on endpoints
  3. User activity recording that can be configured to create screen captures for each event or when a certain action is taken
  4. User and entity behavior analytics to detect abnormal user activity
  5. Real-time alerts and notifications that are automatically sent in case of a security incident
  6. Incident response tools to help in detecting and preventing malicious activity: automatic and manual session termination, application and process termination, user warning and blocking, etc.
  7. Powerful reporting and investigation functionality for robust incident management
  8. Session recordings that can be exported for forensic examination
session-recording

SECURE SOLUTION

Application hardening

Application hardening

Detailed internal action logging

Detailed internal action logging

Highly-protected data storage

Highly-protected data storage

Encrypted communication channels

Encrypted communication channels

FLEXIBLE DEPLOYMENT

High-availability mode

High-availability mode

Multi-tenant mode

Multi-tenant mode

Single-tenant mode

Single-tenant mode

Easily scalable

Easily scalable

Integration with SIEM and ticketing systems

Integration with SIEM and ticketing systems

Automated client updates

Automated client updates

Online and offline updates

Online and offline updates

System self-monitoring dashboard

System self-monitoring dashboard

Deployment schemes

Architecture Type A: SWIFT Infrastructure Within User Location

Architecture Type A: SWIFT Infrastructure Within User Location

Architecture Type B: SWIFT Infrastructure Outside of User Location

Architecture Type B: SWIFT Infrastructure Outside of User Location

They Chose Ekran System®

GET MORE DETAILS

arrow