API Bank

API Bank Slashes Time Spent on Compliance Reporting by 90%

Quarterly
internal audits

Netwrix Auditor is one of the best tools I have ever had. It gives us complete visibility into our infrastructure and admin activities in all covered systems. It provides quality reporting to help our organization comply with regulations while decreasing the time spent on reporting by 90%.

Predrag Škundrić, CISO, API Bank

Challenge
  • Comply with requirements set by the National Bank of Serbia, such as Decision on Minimum Information System Management Standards for Financial Institutions and Law on Information Security, both of which are based on the ISO 27001 standard
  • Detect potentially malicious activities before they jeopardize cybersecurity, including suspicious attempts to access the bank’s Oracle databases, VMware-based virtual infrastructure and network devices (including VPN concentrators)

Based on our positive experience with Netwrix Auditor, we plan to add the application for SQL Server in order to get visibility into IT services backed by SQL databases that we will be implementing in the near future.

Predrag Škundrić, CISO, API Bank

Netwrix Solution

Predrag Škundrić, CISO of API Bank, chose Netwrix Auditor because of the excellent support from the channel partner and customer care from the vendor, the wide range of platforms and applications that can be audited, and the large portfolio of predefined reports which can be fine-tuned to specific needs and requests. Netwrix Auditor enabled the bank to achieve the following results:

Key Benefits
  • Accountability of system administrators. Predrag can now ensure individual accountability of all privileged users with clear proof of who is doing what across Oracle, VMware and Cisco network devices. Moreover, with all the information in one place, he can avoid security incidents and downtime by quickly spotting unusual activity, such as suspicious access to databases and virtual environments, alteration or deletion of data, changes to security settings, hardware malfunctions, and successful and failed logon attempts to VPN concentrators.
  • Enhanced network security. API Bank has avoided data breaches so far. To make sure that continues to be true, the IT team regularly conducts penetration tests and checks that Netwrix Auditor responds appropriately. For example, they simulated malicious users trying to access the network through VPN, and Netwrix Auditor immediately alerted them to the failed logon attempts and provided the critical information required to identify the IP address to block.
  • Easier audits. Netwrix Auditor makes it far easier for the bank to provide the reports required quarterly for internal audits and annually for external audits. In addition to answering routine questions, the solution makes it a snap to handle ad-hoc requests from auditors. For instance, when an external auditor requested information about all activities performed by system administrators in order to see what changes were made during data restructuring in Oracle, Predrag was able to quickly deliver the required report.
Customer Profile

API Bank is a small, privately held bank located in Belgrade, Serbia, that serves both companies and individual customers. The bank offers retail and business loans and other products and services, and provides digital solutions to its clients in a secure and easy-to-use way.

Customer: API Bank

Industry: Financial Services

Website: www.apibank.rs