KEY POINTS
|
Customer
The South Financial Group, the largest publicly-traded bank holding company in South Carolina
Challenge
Meet security and compliance requirements with enterprise-wide visibility Reduce complexity and cost Consolidated point solutions Increase operational efficiency
Solution
eIQnetworks’ integrated SecureVue® security, risk and audit management platform
|
|
Result
Faster incident identification and resolution through end-to-end data correlation
Enterprise-wide console
Streamlined IT operations through fewer management solutions
Enhanced NOC/SOC collaboration with a unified console
Reduced risk and improved compliance
Lower TCO with a 30% savings in IT operational costs
|
THE ENTERPRISE — THE SOUTH FINANCIAL GROUP
The South Financial Group (TSFG) is the largest publicly-traded bank holding company in South Carolina, ranking among the top 50 U.S. commercial bank holding companies with total assets of approximately $14 billion. TSFG operates 170 branch offices in Florida, North Carolina and South Carolina, and offers online banking services through Bank CaroLine.
THE CHALLENGE
Like many geographically distributed enterprises striving to address security and compliance challenges, TSFG was using numerous best-of-breed point solutions across the enterprise. TSFG’s deployment of multiple solutions–including vulnerability scanners, system management solutions, configuration solutions and more–resulted in siloed operations that significantly complicate overall IT security, risk and audit management. To reduce complexity and cost, CISO Barry Miller and his staff set out to find a solution that could:
• Reduce management complexity by integrating security and compliance requirements
• Provide a single, consolidated view of the enterprise
• Increase collaboration between the SOC and NOC teams
• Improve efficiency and reduce cost
• Help comply with regulations
THE SOLUTION
After evaluating several offerings, TSFG selected eIQnetworks’ integrated SecureVue® security, risk and audit management platform to address the challenges the organization was facing. Delivering both Security Information and Event Management (SIEM) and IT security and compliance management in a single platform, SecureVue enables TSFG to correlate and analyze all data across the enterprise. This provides TSFG with a holistic view of its security and compliance posture by correlating log, vulnerability, configuration, asset, performance, vulnerability and network behavior anomaly data. By correlating all data, SecureVue empowers TSFG to proactively identify and reduce the number of security or compliance incidents to a manageable level. Because it collects and analyzes data over long periods and automatically correlates historical information with real-time data, it also detects the “low and slow” information breach tactics that methodical, careful hackers use to remain below the radar of tactical log-based solutions.
SecureVue provides a consolidated view of the whole network and all its nodes through a single, customizable dashboard that allows TSFG to analyze aggregated data more effectively. Role-based dashboard access allows TSFG’s security or compliance teams to tailor data presentation to their unique requirements so that potential incidents can be identified and resolved in seconds. SecureVue enables such fast identification and resolution by delivering the ability to easily drilldown into the technical detail underlying trouble spots so that TSFG staff can rapidly determine root cause. In addition to supporting the unique needs of the different technical teams, role-based access also allows the executive management team to view a dashboard customized to present a high level view of security and compliance posture.
When it comes to regulatory compliance, SecureVue delivers the comprehensive reports required to meet TSFG’s stringent security and compliance audit demands. As with enterprise security, CIOs and CISOs get a complete understanding of the enterprise’s compliance progress while, at the same time, the operational teams are presented with the detailed information needed to resolve specific compliance issues and improve overall compliance. In addition, SecureVue’s IT security and compliance management module combines with its SIEM module to allow TSFG to conduct the automated periodic self-assessments mandated by some regulations.
The unified SecureVue interface also offered TSFG an excellent platform for promoting the inter-team collaboration needed to overcome their siloed operations. Members of TSFG’s NOC, SOC and audit teams can now examine the same set of data and make sound decisions cooperatively, and these decisions will no longer create the costly headaches for others that they often did when made in isolation. The cooperation efforts of NOC, SOC and Audit teams have resulted in smoother change management process.
THE END RESULT
In TSFG’s case, the bottom line is the bottom line. That is, SecureVue’s integration of security, risk and audit management provides TSFG with deep and wide data correlation, a single enterprise console, incident identification, comprehensive reports and audit functionality that drive operational efficiency.
In Barry Miller’s own words, “We were especially impressed with SecureVue’s ability to integrate network, security and compliance information into one platform. Consolidation and correlation of information for IT risk management enables us to streamline resource requirements, identify security breaches and improve operational efficiency across our distributed network of over 170 branch offices.”
In fact, SecureVue has saved TSFG 30% in IT operational costs over the previous year through:
• Enhanced collaboration – Role-based access allowed operational, security and audit staff to set their unique view into the infrastructure.
• A unified data model – Security and network analysts could get to the root of an incident from within a single console.
• Integrated SIEM and IT security and compliance management – Deploying both SIEM and IT security and compliance management solutions in a single platform resulted in faster solution deployment and reduced system integration costs.
• Reduced management complexity – The elimination of point solutions reduced IT management complexity and freed up resources for other, high priority activities.
• Comprehensive reports – A single comprehensive report that combined all security data removed the need to create multiple reports from multiple products.
|
