{"id":25201,"date":"2020-06-27T07:58:37","date_gmt":"2020-06-27T07:58:37","guid":{"rendered":"http:\/\/35.232.100.111\/?page_id=25201"},"modified":"2022-12-28T09:43:54","modified_gmt":"2022-12-28T09:43:54","slug":"swift-security-framework","status":"publish","type":"page","link":"https:\/\/sectona.com\/swift-security-framework\/","title":{"rendered":"SWIFT Security Framework For Privileged Access"},"content":{"rendered":"\t\t
Modern infrastructure is dynamic. Secure privileged accounts with continuous discovery and vaulting.\u200b<\/p>\r\n
Request Demo<\/a><\/p><\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t The increasing payment frauds in customer\u2019s environments have led to the launch of the Customer Security Program (CSP) aimed at improving information sharing among the community, enhancing customer experiences, and providing audit frameworks. Revolving around the objectives of securing an organization\u2019s environment, restricting privileged access, and responding to anomalous activities, a set of 16 mandatory and 11 advisory security controls have been described to which customer must attest to and have proof of compliance. Among the clauses that customers must adhere to CSP framework around privileged access are highlighted below:<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t Ensure protection of SWIFT user\u2019s local infrastructure, virtual platforms and control the access of operating system privileged accounts\n<\/p>\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t Ensure passwords are sufficiently resistant against common passwords through an effective password policy<\/p>\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t Prevent compromise of a single authenticator factor that authorized access to SWIFT systems by implementing multi-factor authentication\n<\/p>\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t Enforce security principles of need-to-know access, least privileged access and segregation of duties for operator accounts<\/p>\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t Protect Physically and logically recorded passwords Record security events and detect anomalous activities and operations within the SWIFT environment Addressing Requirement 1<\/span><\/p> Capture comprehensive logs of all critical sessions in video format. Logs are stored in an encrypted format and provide auditable details accessible only to authorized personnel for improved governance.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t Manage and Inventorize privileged accounts across infrastructure. Leverage strong password change capabilities from discovery, onboarding to rotation for all vendor supplied default accounts.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t Addressing Requirement 4.2<\/span><\/p> Add a second layer of authentication to SWIFT environment by configuring customizable MFA mechanisms including token-based or built-in app-based OTP.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t Addressing Requirement 5.1<\/span><\/p> Configure access policy definitions based on user roles & functions. Define access to critical data and enforce restrictions on a need-to-know, need-to-access basis with strong workflow based access.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t Leverage strong password change capabilities from discovery, onboarding to rotation for all privileged accounts in a secure, encrypted, tamper – proof storage.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t Addressing Requirement 6.4<\/span><\/p>\n Detect risky events events for administrator activities with risk based scoring & SIEM integration.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t Capture comprehensive logs of all critical SWIFT sessions in video format. Logs are stored in an encrypted format and provide auditable details accessible only to authorized personnel for improved governance.<\/p><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t\t\t\tFind out SWIFT Requirements Specific to Privileged Access<\/h2>
Requirement 1<\/h2>\n\t\t\t\t\t\t\t
Requirement 4.1<\/h2>\n\t\t\t\t\t\t\t
Requirement 4.2<\/h2>\n\t\t\t\t\t\t\t
Requirement 5.1<\/h2>\n\t\t\t\t\t\t\t
Requirement 5.4<\/h2>\n\t\t\t\t\t\t\t
\n<\/p>\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\tRequirement 6.4<\/h2>\n\t\t\t\t\t\t\t
\n<\/p>\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\tExplore How Sectona Helps You Achieve Compliance with SWIFT<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
Monitor Every SWIFT Privileged Session<\/h2>
Automate Password Management<\/h2>\n
Enforce MFA Authentication for Admins<\/h2>
Enable Need-Based Access to Resources<\/h2>
Implement Password Management System<\/h2>\n
Leverage Risk-Based Acoring & SIEM Integration<\/h2>\n