CLIENT – INDUSTRY VERTICAL
Large, well-distributed Community Bank – Banking/ Financial Services Industry.
CLIENT SUCCESS STORY
One of United Data Technologies (UDT)‘ clients, a well-known Community Bank, experienced what was, and is, a common IT security issue in organizations of many sizes—i.e. misconfiguration of internal user accounts resulting in significant susceptibilities. A large percentage of distributed organizations in all industries, including this UDT financial services client, experience user accounts being incorrectly, or unwittingly, added, deleted, and their access permissions being erroneously set up or changed. This phenomenon is frequently a result of neglect or carelessness, but not intentional. However, cybercriminals have often leveraged these inadvertent security vulnerabilities to attack data and systems. Even if these actions are not initially malicious, cybercriminals constantly “hunt” financial institutions and others with secure, highly regulated, sensitive customer, financial and other critical data for opportunities to steal that data or hold organizations for ransom.
UDT’s financial services client was confronted with one of these situations of administrative abuse. This client is mid-sized but has a reasonably large administrative and systems staff. It also utilizes contractors to augment its internal team that support specific line-of-business applications and other technologies. Contractors were and are given access to the client’s applications and accounts in test environments through a governance process, including an internal information technology committee, and according to organizational policy—all in support of compliance with Gramm- Leach-Bliley Act (GLBA) Act banking regulations. In this specific case, UDT’s banking client, which had at the time a robust Microsoft cyber-defense architecture for its systems and customer data, made a high-level identification of a potential vulnerability through Microsoft Azure Advanced Threat Protection (ATP). Azure ATP initially identified a misconfigured administrative account for UDT’s client’s core production IT framework for external contractors – not for the test environment wherein contractors were and are approved through the bank’s governance process – as the source of the vulnerability. This dangerous susceptibility could easily have resulted in an attack on customer data and technologies if not quickly rectified.
UDT, a Microsoft Gold-competency Partner, with significant experience in numerous Microsoft platforms and the ATP solutions, with deep certification in Microsoft Security, was engaged by the financial services client’s Chief Information Officer and IT team to further investigate the issue. UDT initiated its unique ARMEDTM Powered by UDT Governance-as-a-Service (SaaS) solution to interact with, and augment, the banking client’s Microsoft services. ARMED was able to further isolate the issue and provide a very detailed detection, cleansing, and, going forward, hardening of critical systems through a unique combination of professional services and a SaaS “single pane of glass,” which consolidates Microsoft Security and other related protection and remediation services. In the case, the applications were of UDT’s ARMED solution for Microsoft Azure Advanced Threat Protection (ATP) and Microsoft Office 365 (Microsoft 365) ATP.
United Data Technologies (UDT) is a Microsoft Gold-competency Partner. ARMEDTM Powered by UDT is a unique solution to the company – representing UDT’s intellectual property – that is designed specifically to work with, and add significant additional layers of detection, isolation, remediation and process design, for Microsoft Security solutions. ARMED combines unique, patent-pending professional services and technology that supports, enhances and adds to Microsoft Advanced Threat Protection (ATP) for Microsoft Azure (Azure ATP), Microsoft Office 365 (365 ATP), and Microsoft Windows Defender (Windows Defender ATP). UDT can bundle the ARMED Governance-as-a-Service professional services and SaaS platform with the Microsoft tools, or provide it as an addition/supplement to these platforms on the basis of previous subscriptions.