Bank ensures FFIEC and GLBA compliance while saving hours of work

Netwrix Corporation, provider of a visibility platform for user behavior analysis and risk mitigation that empowers banks to secure customer data and excel at demonstrating regulatory compliance, announced today that Forreston State Bank uses Netwrix Auditor to streamline compliance and enhance security across the entire IT environment.

Founded in 1887 in Forreston, Illinois, U.S., Forreston State Bank is a local financial institution that provides personal and business banking services, including deposits, home loans, card services and online solutions. The bank has to ensure compliance with The Federal Financial Institutions Examination Council (FFIEC) standards that govern GLBA requirements. Regular certification consists of several internal and external audits during each 18-month cycle. The IT team, which comprises just one full-time employee and several interns, needed to optimize the cumbersome process of preparing for these audits. Particular concerns were establishing control over privileged accounts and gaining visibility into actions around critical data. Non-compliance would damage the bank’s reputation and make it subject to fines.

The IT team chose Netwrix Auditor based on the recommendation of IT groups from several other banks and its own thorough testing. With the software, Forreston State Bank achieved the following results:

• Surveillance of privileged accounts. Netwrix Auditor provides deep visibility into the IT infrastructure, so IT staff can closely watch privileged users. This helps to make sure that nobody gains excessive privileges or does something outside their scope of responsibility, putting security and compliance at risk.
• Enhanced control over file servers. Actions around the data are now monitored thoroughly. Moreover, Netwrix Auditor enabled the IT team to easily spot and revoke all excessive access rights, as auditors requested during the bank’s previous audit.
• Improved reporting for audits. Netwrix Auditor enabled the IT team to automate reporting for external audits and internal checks, saving them at least eight hours every week.

Netwrix Auditor gives me insight about our network quickly and in a clear format. Now, I can see exactly who did what, when and where, and provide proper reports to the auditors. Netwrix Auditor saves me around eight hours a week just for regular auditing processes and keeps our bank in continuous compliance with FFIEC and GLBA requirements.
Christopher H. Cronau, Senior Vice President of Forreston State Bank

To keep customers’ confidential data secure from ever-growing cyber threats and regularly prove compliance with industry requirements, banks have to be able to reduce their attack surface and mitigate the risk of insider threats and policy violations, all in a timely manner. These challenges can be overwhelming for their IT teams, which are often understaffed and short on budget. Gaining pervasive visibility into activity across the IT environment enables IT staff to solidify security and ensure ongoing compliance.
Michael Fimin, CEO and Co-founder of Netwrix

To read the complete case study, please visit: www.netwrix.com/go/fsbi