Find Out SWIFT Requirements Specific to Privileged Access
Modern infrastructure is dynamic. Secure privileged accounts with continuous discovery and vaulting.
Find out SWIFT Requirements Specific to Privileged Access
The increasing payment frauds in customer’s environments have led to the launch of the Customer Security Program (CSP) aimed at improving information sharing among the community, enhancing customer experiences, and providing audit frameworks. Revolving around the objectives of securing an organization’s environment, restricting privileged access, and responding to anomalous activities, a set of 16 mandatory and 11 advisory security controls have been described to which customer must attest to and have proof of compliance. Among the clauses that customers must adhere to CSP framework around privileged access are highlighted below:
Requirement 1
Ensure protection of SWIFT user’s local infrastructure, virtual platforms and control the access of operating system privileged accounts
Requirement 4.1
Ensure passwords are sufficiently resistant against common passwords through an effective password policy
Requirement 4.2
Prevent compromise of a single authenticator factor that authorized access to SWIFT systems by implementing multi-factor authentication
Requirement 5.1
Enforce security principles of need-to-know access, least privileged access and segregation of duties for operator accounts
Requirement 5.4
Protect Physically and logically recorded passwords
Requirement 6.4
Record security events and detect anomalous activities and operations within the SWIFT environment
Explore How Sectona Helps You Achieve Compliance with SWIFT
Sectona Privileged Access Management Solution is an integrated solution of several capabilities like password management, session management and threat analytics adhered to and governed by customers in the SWIFT environment. Listed below are few of the use cases compliant with each of the clauses of the SWIFT Framework w.r.t privileged access.
Addressing Requirement 1
Monitor Every SWIFT Privileged Session
Capture comprehensive logs of all critical sessions in video format. Logs are stored in an encrypted format and provide auditable details accessible only to authorized personnel for improved governance.
Addressing Requirement 4.1
Automate Password Management
Manage and Inventorize privileged accounts across infrastructure. Leverage strong password change capabilities from discovery, onboarding to rotation for all vendor supplied default accounts.
Addressing Requirement 4.2
Enforce MFA Authentication for Admins
Add a second layer of authentication to SWIFT environment by configuring customizable MFA mechanisms including token-based or built-in app-based OTP.
Addressing Requirement 5.1
Enable Need-Based Access to Resources
Configure access policy definitions based on user roles & functions. Define access to critical data and enforce restrictions on a need-to-know, need-to-access basis with strong workflow based access.
Addressing Requirement 5.4
Implement Password Management System
Leverage strong password change capabilities from discovery, onboarding to rotation for all privileged accounts in a secure, encrypted, tamper – proof storage.
Addressing Requirement 6.4
Leverage Risk-Based Acoring & SIEM Integration
Detect risky events events for administrator activities with risk based scoring & SIEM integration.
Explore How Sectona Helps You Achieve Compliance with SWIFT
Sectona Privileged Access Management Solution is an integrated solution of several capabilities like password management, session management and threat analytics adhered to and governed by customers in the SWIFT environment. Listed below are few of the use cases compliant with each of the clauses of the SWIFT Framework w.r.t privileged access.
Addressing Requirement 1
Monitor Every SWIFT Privileged Session
Capture comprehensive logs of all critical sessions in video format. Logs are stored in an encrypted format and provide auditable details accessible only to authorized personnel for improved governance.
Addressing Requirement 4.1
Automate Password Management
Manage and Inventorize privileged accounts across infrastructure. Leverage strong password change capabilities from discovery, onboarding to rotation for all vendor supplied default accounts.
Addressing Requirement 4.2
Enforce MFA Authentication for Admins
Add a second layer of authentication to SWIFT environment by configuring customizable MFA mechanisms including token-based or built-in app-based OTP.
Addressing Requirement 5.1
Enable Need-Based Access to Resources
Configure access policy definitions based on user roles & functions. Define access to critical data and enforce restrictions on a need-to-know, need-to-access basis with strong workflow based access.
Addressing Requirement 5.4
Implement Password Management System
Leverage strong password change capabilities from discovery, onboarding to rotation for all privileged accounts in a secure, encrypted, tamper – proof storage.
Addressing Requirement 6.4
Leverage Risk-Based Acoring & SIEM Integration
Detect risky events events for administrator activities with risk based scoring & SIEM integration.
Trusted by Leading Organizations
Implement in minutes and onboard workloads across multiple clouds. Discovery, Secure Passwords and Secrets. Empower every team from vendors to application users via a single platform.