CASE STUDY American International Group, Inc. (AIG) is a leading international insurance organization, serving more than 88 million commercial, institutional and individual customers in 130 countries. Industry: Insurance and Financial Services Remote Vendor Monitoring One of the company’s 64,000 employees, Snir Hoffman, Infrastructure Architect, needed to deploy a solution to monitor external vendors with access to credit card information. AIG provides its vendors with access to 40 regulated servers via virtual workstations that contain all the required applications. AIG needed to monitor everything that vendors did on those servers, in order to demonstrate compliance with PCI regulations. Hoffman evaluated ObserveIT and CyberArk to address this challenge, and chose ObserveIT. “We surveyed existing customers of both products and received much better feedback about ObserveIT from surveys of existing customers,” explained Hoffman. “ObserveIT is much faster to deploy, and it is easier to use and manage.” Hoffman’s team initially deployed ObserveIT to provide the monitoring required by PCI, and were satisfied with its low-maintenance reliability. However, the company discovered how valuable ObserveIT could be in other areas following an incident that caused an important system to fail. “While troubleshooting the downed system, we realized we could use ObserveIT to show us what might have caused the problem,” recalls Hoffman. “Sure enough, ObserveIT showed us precisely what happened: one of our trusted vendors inadvertently corrupted a configuration file. This helped us restore the system quickly, and address the matter with our vendor.” AIG decided to expand their ObserveIT monitoring coverage to all their external vendors, and subsequently to privileged internal employees as well. In doing so, they realized another significant benefit: deterrence and extra caution on the part of all users. “The notification message that appears at the beginning of each session informing users that they are being recorded initially caused some surprise from our vendors and admins,” explained Hoffman. “However, we saw that all users were being more careful with their actions. It’s all about people and people are bound to mistakes. ObserveIT helped us mitigate risk across all vendors and users who access our critical systems.” AIG has recently integrated ObserveIT-generated user activity data into their SIEM, RSA Security Analytics, which can now provide important “user context” for system events. “We realized that infrastructure monitoring alone was only giving us half the picture,” said Hoffman. — Snir Hoffman, Infrastructure Architect, AIG AIG is presently expanding their use of ObserveIT into real-time alerts. Beyond compliance and IT troubleshooting, real-time alerts allow security staff to stop dangerous activities before any damage is caused. “We are excited about using ObserveIT to notify us, in real time, about changes made to sensitive configuration files, and even particular activities performed within particular critical line-of-business applications, such as financial and CRM,” said Hoffman. “We began using ObserveIT specifically to address PCI regulations, but the system ended up helping us deploy a comprehensive user-centric security strategy.” Fast PCI compliance – All access to credit card data is monitored and tracked. Easy IT forensics – Troubleshooting incidents is simple using keyword search and visual forensics. User-centric security strategy – Monitor, detect and respond to user-based risk. observeit.com/tryitnow
© Copyright 2024