The client wanted to improve its security posture in order to proactively prevent cyber threats and breaches such as ransomware and malware attacks. Their existing third-party security tool suite was unable to meet RBI-specified security and compliance requirements. Their systems required manual intervention for regular patch updates to remain compliant with updated regulations from time to time. Non-conformance led to outdated systems and software, causing operational risk and potential penalties from the central bank authority. Online banking platforms are required to be widely accessible so end-users can conduct financial transactions without visiting physical premises. However, this accessibility creates opportunities for hackers and malicious actors to exploit vulnerabilities. The client had a large number of endpoints across offices, user-facing consoles, and terminals spread nationwide, including rural and remote areas. To safeguard sensitive data, it was vital to maintain up-to-date security patches across all systems, endpoints, servers, and networks.

Solutions
Kinsfolk implemented BMC Client Management for endpoints and BMC TrueSight Server Automation for servers, automating the patch update process and reducing reliance on patching experts. The user-friendly interface of BMC, combined with Kinsfolk’s extensive deployment and configuration expertise, enabled users to specify the system type, operating system, patch to be deployed, and required downtime efficiently. This automation ensured compliance with RBI regulations. Kinsfolk’s solution brought the bank’s compliance statistics up to date. General systems were patched up to “N-1” month, while critical data centers and headquarters received the latest patches. Non-compliant devices were identified and corrective actions were promptly implemented. Compliance improved dramatically, rising from 5% to 95%, saving the bank significant non-compliance penalties imposed by the central bank.

Additionally, this implementation enhanced staff productivity, with updated systems operating at peak performance. In addition to patch management, Kinsfolk automated SCD (Security Configuration Document) compliance scans and deployed a Validation & Remediation process to effectively identify and address vulnerabilities that could compromise the bank’s security.

Results

Sequential Patching: All patch updates were completed in sequence for robust security, reducing vulnerabilities.
Proactive Remediation: Identified and implemented corrective actions for non-compliant devices promptly.
Regulatory Compliance: Addressed non-compliance issues with regulatory guidelines, ensuring adherence to regulatory standards.
Security Enhancement: Automated SCD compliance scans and deployed a Validation & Remediation process to identify and address vulnerabilities compromising the bank’s security.