SWIFT Customer Security Controls Framework
Meet SWIFT Security Controls requirements with privileged access management and vulnerability management solutions from BeyondTrust.
Simplifying SWIFT Customer Security Controls Compliance
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a global organization that helps its more than 11,000 financial institution customers, in more than 200 countries and territories around the world, get the most out of their secure messaging services. Being SWIFT compliant means that organizations can securely and seamlessly communicate financial information between users.
To enable compliance, SWIFT has created the Customer Security Controls Framework – a set of mandatory and advisory security controls for SWIFT users grouped into three overall objectives – Secure Your Environment, Know and Limit Access, and Detect and Respond – supported by eight security principles and 27 security controls.
BeyondTrust PowerBroker Privileged Access Management and Retina Enterprise Vulnerability Management solutions help proactively eliminate data breaches from insider privilege abuse and external hacking attacks. With an integrated risk intelligence platform, BeyondTrust cybersecurity solutions reveal critical risks hidden within volumes data to prevent breaches, maintain SWIFT compliance, and ensure business continuity.
Address SWIFT Security Controls Requirements with BeyondTrust Cybersecurity Solutions
Privileged access management and vulnerability management play a pivotal role in meeting SWIFT standards. BeyondTrust solutions help address 6 of the SWIFT security controls.
1. Restrict Internet Access and Protect Critical Systems from General IT Environment
Provide secure RDP and SSH access into a secure zone and manage privilege sessions to ensure oversight. Limit activity and to specific users and applications, and audit access across servers and endpoints for Unix, Linux, Windows, and Mac environments.
2. Reduce Attack Surface and Vulnerabilities
Secure access between applications, operators, and the resulting reports, event management, configuration, and session playback recordings. Identify missing security updates and vulnerabilities and zero in on configuration anomalies. Harden systems by removing unnecessary privileges.
4. Prevent Compromise of Credentials
Ensure password security best practices, including privileged password rotation and strength for users, accounts, and applications. Support multifactor authentication for managing policies, reviewing events and sessions, and generating reports.
5. Manage Identities and Segregate Privileges
Separate duties by restricting privileged password and session access. Enforce least privilege and provide logical access to resources based on policies and context-aware parameters. Securely store and manage credentials, and provide complete attestation reporting for their usage and session activity.
6. Detect Anomalous Activity to Systems or Transaction Records
Collect and analyze file, process, and service hash information from applications that are executed, and from processes and services gathered during credentialed scans. Report on all privilege changes that could affect software integrity. Log and monitor all changes to Active Directory, File Systems, Exchange, and Microsoft SQL.
7. Plan for Incident Response and Information Sharing
Collect, aggregate, and centralize privileged activity and vulnerability assessments, and integrate with third-party solutions to automate actions and support a holistic cyber-incident response plan.