COMPLIANCE SOLUTIONS

SWIFT Customer Security Controls Framework

Meet SWIFT Security Controls requirements with privileged access management and vulnerability management solutions from BeyondTrust.

Simplifying SWIFT Customer Security Controls Compliance

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a global organization that helps its more than 11,000 financial institution customers, in more than 200 countries and territories around the world, get the most out of their secure messaging services. Being SWIFT compliant means that organizations can securely and seamlessly communicate financial information between users.

To enable compliance, SWIFT has created the Customer Security Controls Framework – a set of mandatory and advisory security controls for SWIFT users grouped into three overall objectives – Secure Your Environment, Know and Limit Access, and Detect and Respond – supported by eight security principles and 27 security controls.

Address SWIFT Security Controls Requirements with BeyondTrust Cybersecurity Solutions

Privileged access management and vulnerability management play a pivotal role in meeting SWIFT standards. BeyondTrust solutions help address 6 of the SWIFT security controls.

1. Restrict Internet Access and Protect Critical Systems from General IT Environment

1. Restrict Internet Access and Protect Critical Systems from General IT Environment

Provide secure RDP and SSH access into a secure zone and manage privilege sessions to ensure oversight. Limit activity and to specific users and applications, and audit access across servers and endpoints for Unix, Linux, Windows, and Mac environments.

2. Reduce Attack Surface and Vulnerabilities

2. Reduce Attack Surface and Vulnerabilities

Secure access between applications, operators, and the resulting reports, event management, configuration, and session playback recordings. Identify missing security updates and vulnerabilities and zero in on configuration anomalies. Harden systems by removing unnecessary privileges.

4. Prevent Compromise of Credentials

4. Prevent Compromise of Credentials

Ensure password security best practices, including privileged password rotation and strength for users, accounts, and applications. Support multifactor authentication for managing policies, reviewing events and sessions, and generating reports.

5. Manage Identities and Segregate Privileges

5. Manage Identities and Segregate Privileges

Separate duties by restricting privileged password and session access. Enforce least privilege and provide logical access to resources based on policies and context-aware parameters. Securely store and manage credentials, and provide complete attestation reporting for their usage and session activity.

6. Detect Anomalous Activity to Systems or Transaction Records

6. Detect Anomalous Activity to Systems or Transaction Records

Collect and analyze file, process, and service hash information from applications that are executed, and from processes and services gathered during credentialed scans. Report on all privilege changes that could affect software integrity. Log and monitor all changes to Active Directory, File Systems, Exchange, and Microsoft SQL.

7. Plan for Incident Response and Information Sharing

7. Plan for Incident Response and Information Sharing

Collect, aggregate, and centralize privileged activity and vulnerability assessments, and integrate with third-party solutions to automate actions and support a holistic cyber-incident response plan.