Adapting network infrastructure

Adapting network infrastructure

Adapting the network infrastructure after an audit

Abstract

In its final report, the supervisory authority criticized inadequate network security at a cooperative bank and demanded measures to be implemented within 18 months.

1

Initial situation and problem definition

ECB audit: Need for adaptation of the network infrastructure of a German cooperative bank

Audit report contains concrete measures and other less clearly defined proposals for improvement

The audit report requires improved network security

Timetable requires ECB approval

2

Objectives, project scope and benefits

Closure of the security gaps criticized in report

Definition of further measures for network security

Adaptation of operating processes to new network infrastructure measures

Transfer of operations successfully completed

SLAs adapted between customer and service provider

3

Procedure

Clarification of the assignment and agreement on responsibilities

Definition of work packages, individual activities and schedule

Development of solution scenarios and implementation concepts to improve network security

Support and execution of the operational implementation

Regular activity reporting to the customer

Preparation of final reports

4

Results achieved and outlook

ECB report on the implementation of defined measures

The following concepts prepared and measures implemented:

  • Data encryption within Campus
  • Port security management
  • LAN and WLAN authentication
  • Dual vendor strategy for partner firewall
  • Demand- and risk-oriented zoning concept