Find out SWIFT requirements specific to privileged access
The increasing payment frauds in customer’s SWIFT environments have led to the launch of the Customer Security Programme (CSP) aimed at improving information sharing among the community, enhancing customer experiences, and providing audit frameworks. Revolving around the objectives of securing an organization’s environment, restricting privileged access, and responding to anomalous activities, a set of 16 mandatory and 11 advisory security controls have been described to which customer must attest to and have proof of compliance. Among the clauses that customers must adhere to CSP framework around privileged access are highlighted below:
Requirement 1
Ensure protection of SWIFT user’s local infrastructure, virtual platforms and control the access of operating system privileged accounts
Requirement 4.1
Ensure passwords are sufficiently resistant against common passwords through an effective password policy
Requirement 4.2
Prevent compromise of a single authenticator factor that authorized access to SWIFT systems by implementing multi-factor authentication
Requirement 5.1
Enforce security principles of need-to-know access, least privileged access and segregation of duties for operator accounts
Requirement 5.4
Protect Physically and logically recorded passwords
Requirement 6.4
Record security events and detect anomalous activities and operations within the SWIFT environment
Explore how Sectona helps you achieve compliance with SWIFT
Monitor every SWIFT privileged session
Capture comprehensive logs of all critical SWIFT sessions in video format. Logs are stored in an encrypted format and provide auditable details accessible only to authorized personnel for improved governance.
Automate Password Management
Manage and Inventorize privileged accounts across infrastructure. Leverage strong password change capabilities from discovery, onboarding to rotation for all vendor supplied default accounts.
Enforce MFA authentication for admins
Add a second layer of authentication to SWIFT environment by configuring customizable MFA mechanisms including token-based or built-in app-based OTP.
Enable need based access to resources
Configure access policy definitions based on user roles & functions. Define access to critical data and enforce restrictions on a need-to-know, need-to-access basis with strong workflow based access.
Implement Password Management System
Leverage strong password change capabilities from discovery, onboarding to rotation for all privileged accounts in a secure, encrypted, tamper – proof storage.
Leverage Risk based scoring & SIEM integration
Detect risky events events for administrator activities with risk based scoring & SIEM integration.
"Well rounded & integrated PAM suite with easy adaptability to support critical user access across AWS resources"
Trusted by
Next Steps
Explore use-cases aligned with your privileged access requirements