CASE STUDY: Overcoming compliance burdens while maximizing 24/7 security

A case study for integrated SIEM and Log Management for Orbis Financial

From investment management to custodial holdings, Orbis Financial has been directly responsible for the safety of assets and securities worth hundreds of millions of dollars since 2005. They employ innovative technology and “zero-conflict” practices for a variety of India-based and foreign concerns wishing to grow and safeguard their investments in India. Orbis is a registered member of the Securities and Exchange Board of India (SEBI). Though their primary headquarters is located in Gurgaon, Haryana, India, they also maintain a significant European presence in Switzerland. Orbis Financial has earned multiple ISO certifications that cover business practices and technological standards. These include ISO 9001:2008, ISO 27001:2005, ISO/IEC 27001:2013 and ISO 22301:2012. They are one of the few custodial financial management organizations recognized with these certifications.

The Challenge

The continuous pressure on financial organizations like Orbis Financial to effectively secure their networks extends beyond preventing intrusion from outside attacks. There are as many internal threats, exponential APTs, identity thefts, frauds and other complex means to compromise both corporate and client information and financial assets. To that end, organizations like Orbis are subject to rigorous oversight by regulatory agencies to ensure compliance with best security practices. In fact, Orbis is subject to more than 36 audits per year. Each of these audits is comprehensive, which strains the bandwidth of the personnel responsible for maintaining the requirements. A considerable part of the issue was the disparate silos of security information that had to be analyzed in advance of these audits.

According to Mani Kant Singh, Orbis’ Chief Information Officer, “We had to maintain so many logs, which get generated from many devices; store them, back them up and restore them for the audit requirement. It was not only cumbersome, but deflected focus away from our core business.”

Additionally, in accordance with its fiduciary commitment to clients and shareholders, Orbis was committed to providing elite security and risk mitigation services. Towards that goal, Orbis also needed to minimize the CapEx impact and expenses of a lingering phased deployment that traditional security solutions often incur.

The Solution

After analyzing several alternatives, Orbis Financial chose CloudAccess’ CloudSIEM to serve as the cornerstone of its security management initiative. Apart from the enterprise-comparative feature set, Orbis was intrigued by CloudAccess’ unique hybrid approach that reduced their capital expenditures towards the project to nil. The data would remain safely behind existing secure firewalls and on-premise, but local sensors would collect all the logs and send them encrypted (via VPN) to the powerful, cloud-based correlation engine. CloudAccess was able to analyze all the logs in real time and provide the necessary visibility to find usage anomalies and other potential alerts requiring actionable intelligence.

CloudSIEM provided Orbis enhanced potency to better manage event, application, vulnerability and machine data in order to identify and prevent compliance policy violations found on the network or host-based systems. This meant new, improved visibility and the capability to deal with various threats and frauds and to apply behavior analysis, all without adding any hardware or capital expenses. This also created a new policy flexibility which gave analysts complete visibility into the granular reporting necessary to satisfy all the compliance audits. In fact, since CloudSIEM has been in service, Orbis has not failed a single audit, nor incurred any compliance fines.

Orbis uses CloudSIEM’s centralized dashboard to “make the right decisions at the appropriate time” and augments its staff with additional security-as-a-service analysts (maintained as a value-add service from CloudAccess) to keep up with the 24/7/365 monitoring demand.

The Results

Orbis gives CloudSIEM high marks across the board. Not only has Orbis been able to continuously meet the requirements of the multiple compliance agencies, they have noted definitive improvements in 5 mission critical areas:

Operational

Increased visibility has obviously produced a comprehensive ability to detect advanced threats, apply 24/7/365 monitoring across the enterprise (including privileged accounts), and provide actionable intelligence, vulnerability scans and risk routing, but more specifically:

Financial

In terms of the “bottom line,” Orbis was not required to spend any capital expenditure budget and was able to scale to the existing deployment in less than 90 days.

Productivity

Customer Service

Improved market share