Banks primarily operate in a service industry and trust is a key part of that service. Loss of trust can be disastrous for banks’ goodwill and business. Hencebanks constantly focus their effort in ensuring that they maintain the trust of their customers and adhere to internal and external regulatory compliance. A resilient service-oriented IT infrastructure goes a long way in creating a customer focused enterprise, streamlining operation, managing risk and reducing cost.
Based on the current external trends and business challenges facing the banking industry today, IBM has identified four key imperatives we have learned from our work with clients in the industry, that stand out as the most critical and effective business objectives for thriving in today’s environment.Create a customer-focused enterprise; Transform from a product centric organization to a customer centric organization and make the customer as the centered organizing principle to re-align data insights, operations, technology and systems Increase flexibility and streamline operations; Improve agility to react faster to changing market conditions while creating long-term sustainable differentiation in the marketplaceDrive innovation while managing cost; Deliver new customer centric products and services quickly to seize market opportunities with predictable costOptimize enterprise risk management; Maximize return on equity, combat fraud and mitigate operational risk while achieving compliance objectives
The major challenge for Banking is to identify the status of all the endpoint across platform and form factor. This may including network-attached servers and desktops, Internet-connected laptops, smart phones and tablets, ATMs and self-service kiosks, BYOD (Bring your own device). Once the above is established the next challenge is the up-to-date implementation of patches, security compliance, automate remediation of endpoint issues.The third challenge is to continuously updating of security policies and keep the endpoints compliant with current banking policies like BASEL and PCI. IBM’s Endpoint Management solution helps address all these problems. Its unique capabilities of single console control of different platforms and scalable solution of managing more than 250K endpoints from one server reduce the resource needed to manage the diversified infrastructure of Banks. The automation of patch management, power management, security management etc helps in effective implementation of bank’s IT policies. The continuous updating of security policies supports compliance. Its ability to generate real time reports helps IT department makes better and timelier decisions on security policies, asset purchases and security audit.
Most bank networks are highly distributed. Users are connecting to your HQ site from across the Internet, while on the road, and also from remote offices – which makes security and systems management extremely challenging. Additionally, most bank networks have bandwidth constraints – over wireless, shared MPLS, satellite links, internet banking etc - which makes pushing fat software packages and security patches over these latency-prone links a huge burden for the IT organization. Moreover, many of these devices are intermittently connected – particularly those roaming laptops – which makes validating and updating their configuration virtually impossible. Finally, most banks have many different types of servers, desktops, laptops, ATM and handheld devices, making cross-platform support a must for any security and systems management solution.Unlike alternative solutions, BigFix was purpose-built to work efficiently within these types of environments. As you can see from the diagram, BigFix Agents can be deployed on all types of devices, whether those are running Windows, Windows Mobile, different flavors of UNIX, Linux and Mac. The BigFix Agent is the “brains” of the BigFix Unified Management Platform and continuously assesses the state of the endpoint against policy, whether connected to the network or not. As soon as it notices that an endpoint is out of compliance with a policy or checklist, it informs the BigFix server and executes the configured remediation strategy, and immediately notifies the BigFix Server of task status (completed, in process, not completed).The BigFix Server manages policy content – delivered in messages called “BigFix Fixlets” and updated continuously via the BigFix Content Delivery cloud-based service – and enables the BigFix Operator to maintain real-time visibility and control over all devices in the environment – including instantaneous discovery of devices that aren’t managed by BigFix. Because most of the analysis, processing and enforcement work is done by the BigFix Agent rather than the Server, ONE BigFix Server can support more than 200K endpoints, enabling customers to make the most of their security and systems management investment. Whatever specific BigFix solution a customer uses – whether it’s endpoint protection, systems lifecycle management or security configuration and vulnerability management – it’s delivered via a single management console view. Additionally, new services can be provisioned and delivered via the BigFix Content Delivery cloud with no additional hardware or software installations or network changes.Deployment is straightforward, and is typically completed within hours or days. Agents can automatically be installed within minutes, without disrupting end-users. Additionally, most customers deploy BigFix Relays to help manage distributed devices and policy content and as you can see in the diagram – an existing workstation can be leveraged for this purpose. Promoting an Agent to a Relay takes minutes and doesn’t require dedicated hardware or network configuration changes. It’s entirely up to the customer how many Relays to deploy and where they’d like to place them; however, we can certainly make recommendations based on business and technical considerations. In addition to caching patches and other software updates close to end user devices, BigFix Relays manage the bandwidth used by BigFix to ensure that systems and security management tasks don’t consume all available network bandwidth.To a world accustomed to multiple, fragmented technologies and point solutions, BigFix offers an alternative: the industry’s only single-console, single-agent platform that addresses operations, security and compliance initiatives in real-time and at global scale.
Today every Bank want to achieve a high level of patch and endpoint compliance without impacting the end user, implement virtual desktop without major infrastructure investment - Advance Threat ProtectionBig data, cloud and mobile device are pressurizing the network but Banks want to ensure 24x7 network availability and good performance - Manage Endpoint in Dynamic NetworkIn case of security outrage banks wants to protect all the endpoint quickly, ensuring security compliance of Mobiles and BYOD is very essential as they access sensitive data of Banks - Mobile Enterprise and SecurityIBM endpoint solution is a one stop solution that not only shows ROI within days of implementation but also ensures regulatory compliance that can be reported and showcased in audits. - Compliance and Cost
Notes: Please feel free to get in touch with our team or links provided here for in-depth information on Endpoint Management