In August 2003, when hackers launched a virus targeting financial institutions, Todd Williams, director of technology for Heritage Bank, had already checked the Dallas-based bank's firewall twice when the monitoring system "went all red," he says. The WatchGuard (Seattle) Firebox 1000 firewall protected Heritage's two HP (Palo Alto, Calif.) servers and 20 Dell (Round Rock, Texas) workstations, but the incident was a wake-up call for Williams.
"We needed a more proactive, multilayered approach" to security, he says. "Like a lot of other small banks, we have just a one-man [security] shop." So Williams began a search for a solution that could detect, stop and report network attack attempts without his physical presence.
He consulted the bank's trade group, the Independent Community Bankers of America (ICBA), and other resources for information on security solutions and recommended two vendors to the bank's board, which selected Post Falls, Idaho-based TriGeo Network Security's Security Information Manager software in September 2003. He declines to name the other vendors considered.
"The install was simple," Williams says. Heritage purchased a fully configured server from Trigeo and the software was loaded on his network administration machine. The client software, which lets Williams monitor individual workstations, was pushed across the network to users. TriGeo's tech support team helped Williams configure the bank's network and set up the reports he needed. Installation was completed in October 2003.
According to Williams, the solution identifies and responds to suspicious behavior, enterprise policy violations (such as an unauthorized employee attempting to access a restricted part of the network) and network attacks, and it reports the incidents. It continually monitors network devices, including firewalls, routers, servers, operating systems, workstations and security programs. The software can be customized, to reroute all traffic in the event of an attempted network intrusion or to block all e-mail from a particular IP address, for example.
Positive Report Card
Heritage selected the Security Information Manager solution primarily for its reporting features, relates Williams. In addition to reporting on network activities, the software also produces reports that show security logs, bank monitoring activity, antivirus and firewall software status and other information for compliance documentation. "The reports show that the bank is complying with the regulations in protecting customer information," he says.
As a result of the improved security and reporting provided by the solution, the FDIC raised Heritage Bank's security and soundness rating from fair to good in November 2003, permitting the bank to increase its lending limit from $100,000 to $300,000 per loan. Within a few months, the bank's assets grew nearly 30 percent, from $32 million to $42 million, and continued rising sharply to its current asset size of $82 million, according to Williams, who credits the growth largely to the larger loan limits. Additionally, the bank's exam schedule was relaxed from once a year to once every 18 months.
And the software saves Williams time preparing for the exams. The software "knocked out 80 to 90 percent of the paper I would normally have to prepare," he says.
Institution: Heritage Bank (Dallas).
Assets: $82 million.
Business Challenge: Further secure bank's network from security breaches.
Solution: Security Information Manager from TriGeo Network Security (Post Falls, Idaho).