Enterprise-class universal centralized security authentication system
Currently, the security of Banking IT system has attracted highly attention of banks executives and industry regulatory authorities. The security of banking information system should satisfy following features:
1. Information leaking prevention
2. Industry requirements and compliance (CBRC regulations, 29001, HIPAA, PCI, etc.)
3. Auditing requirements
At the present, banks most adopt decentralized management model for their IT system security management. Server room, network, host system, application each has their own security authentication system which are independent from each other. As a result, personnel have to rememberexcessiveamount of passwords which are easily forgotten or mixed up; more importantly, the fact that majority of super-admin passwords rest in the hands of system administrator, which is a great risk to the information security and internal information leakage, thus unfit to meet the requirement of the internal compliance and auditing; moreover,in order to strengthen information security, larger amount of changes has to made to the application system when new authentication methods and technologies are implemented.
To solve the problem, the best solution is using enterprise-class universal centralized security authentication system.
i-Sprint universal centralized security authentication system is a widely recognized successful product. The world’s largest commercial bank Citibank is currently using the system. i-Sprint universal centralized security authentication system has the following features:
1. One centralized security authentication system controls the security authentication of all IT systems(server room, network, host, application systems). Relative personnel can access authorized systems by single sign-on.
2. Centralized authentication management. System access authority are managed by security personnel which satisfies industry regulatory, compliance and audit requirements.
3. The use of super-administrator password is managed by the security personnel to avoid internal security risks.
4. Universal centralized security authentication system has logging and reporting capabilities to facilitate audit and subsequent investigation.
5. Universal centralized security authentication system supports multiple security authentication methods and techniques. User can modify the application system according to varieties of security authentication methods and techniques requirements.