ME Bank bakes security into core overhaul

Powered by SC Magazine
 

Doles out role access to staff.

Members Equity Bank has identified security and identity access management as a "foundational piece" of its $57 million technology overhaul.

The bank is currently a year into the four-year transformation program, which aims to upgrade its core systems to be able to handle up to four times its current 250,000-strong member base.

It has begun rolling out a new core banking solution based on Temenos and webMethods, and recently finished rolling out several IBM role-based identity access tools to clamp down on unauthorised or unrevoked user access to applications.

Lachlan McGill, ME Bank's information security manager, said the IT team approached bank executives with security as one of three core pillars underpinning the core overhaul.

"We went to the board and said 'systems transformation, we know we've got to put it in otherwise we're not going to be here in five years' time'," he said.

"'If we want this transformation program to be a success, we need to put in the core foundational pieces - business process modelling, integration across the service bus and the other one was identity and access management.'"

ME Bank's core systems overhaul was approved alongside an IT security project that aimed to provide greater control over applications and systems access for internal staff, former employees and the bank's managed services provider.

Former employees were particularly worrisome for the bank, as they sometimes retained access to legacy applications after leaving the bank.

McGill said the information environment had become a security "nightmare" for both the IT team and staff who often had to remember more than 20 usernames and passwords for individual applications.

"Without fail when we were rolling out some of this, we'd go to people's workstations and we'd say 'log into this application for us' and they'd go to their top drawer, grab their diary or take their post-it note off the monitor and type in their username and password," he said.

The tools, rolled out earlier this year, provided the bank with enterprise single sign-on and self-service password resets for applications, significantly reducing the 25 to 40 percent of service desk calls from employees asking for password resets.

"The amount of good will we had coming back from the business just from the single fact of single sign-on and self-service password reset was incredible. They're really easy technologies to deploy, I'm amazed we didn't do it earlier, quite frankly," McGill said.

The bank rolled out single sign-on to its ActiveDirectory database as well as most Unix and Linux applications but decided against providing similar access to legacy applications.

McGill said assigning and maintaining role-based access for staff had since become a significant part of the IT team's day job, in addition to reworking the application after implementation to "get it to the way we actually wanted it to work".

However, he said the security functionality now allowed the bank to provision a workstation and email, along with some applications for new staff within a day, as opposed to the two weeks many often waited prior to the transformation program.

Technology transformation

ME Bank expects to roll out the business process management and service bus integration components of its $57 million transformation program this year.

McGill told iTnews that with business process management in particular, the bank would be able to take a personal loan application and "refer that onto the right people and right system".

"You'll be able to just automate that process from end-to-end," he said.

ME Bank joins a number of banks currently undergoing core overhauls with the aim of achieving real-time banking and seven-day payment clearance capabilities.

"When we looked at who we were going to use for our core banking product, we did speak to a numbers of institutions around their experiences with the different vendors," McGill said.

"We'll be relying on trusted service integrators to provide that insight or get that information from other organisations such as CommBank."

Copyright © iTnews.com.au . All rights reserved.


ME Bank bakes security into core overhaul
 
 
 
Top Stories
Frugality as a service: the Amazon story
Behind the scenes, Amazon Web Services is one lean machine.
 
Negotiating with the cloud email megavendors
[Blog post] Lessons from Woolworths’ mammoth migration.
 
Qld govt to move up to 149k staff onto Office 365
Australia's largest deployment, outside of the universities.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

The great data centre opportunity on Australia's doorstep
The great data centre opportunity on Australia's doorstep
Scott Noteboom, CEO of LitBit speaking at The Australian Data Centre Strategy Summit 2014 in the Gold Coast, Queensland, Australia. http://bit.ly/1qpxVfV Scott Noteboom is a data centre engineer who led builds for Apple and Yahoo in the earliest days of the cloud, and who now eyes Asia as the next big opportunity. Read more: http://www.itnews.com.au/News/372482,how-do-we-serve-three-billion-new-internet-users.aspx#ixzz2yNLmMG5C
Interview: Karl Maftoum, CIO, ACMA
Interview: Karl Maftoum, CIO, ACMA
To COTS or not to COTS? iTnews asks Karl Maftoum, CIO of the ACMA, at the CIO Strategy Summit.
Susan Sly: What is the Role of the CIO?
Susan Sly: What is the Role of the CIO?
AEMO chief information officer Susan Sly calls for more collaboration among Australia's technology leaders at the CIO Strategy Summit.
Meet the 2014 Finance CIO of the Year
Meet the 2014 Finance CIO of the Year
Credit Union Australia's David Gee awarded Finance CIO of the Year at the iTnews Benchmark Awards.
Meet the 2014 Retail CIO of the Year
Meet the 2014 Retail CIO of the Year
Damon Rees named Retail CIO of the Year at the iTnews Benchmark Awards for his work at Woolworths.
Robyn Elliott named the 2014 Utilities CIO of the Year
Robyn Elliott named the 2014 Utilities CIO of the Year
Acting Foxtel CIO David Marks accepts an iTnews Benchmark Award on behalf of Robyn Elliott.
Meet the 2014 Industrial CIO of the Year
Meet the 2014 Industrial CIO of the Year
Sanjay Mehta named Industrial CIO of the Year at the iTnews Benchmark Awards for his work at ConocoPhillips.
Meet the 2014 Healthcare CIO of the Year
Meet the 2014 Healthcare CIO of the Year
Greg Wells named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at NSW Health.
Meet the 2014 Education CIO of the Year
Meet the 2014 Education CIO of the Year
William Confalonieri named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at Deakin University.
Meet the 2014 Government CIO of the Year
Meet the 2014 Government CIO of the Year
David Johnson named Government CIO of the Year at the iTnews Benchmark Awards for his work at the Queensland Police Service.
Q and A: Coalition Broadband Policy
Q and A: Coalition Broadband Policy
Malcolm Turnbull and Tony Abbott discuss the Coalition's broadband policy with the press.
AFP scalps hacker 'leader' inside Australia's IT ranks.
AFP scalps hacker 'leader' inside Australia's IT ranks.
The Australian Federal Police have arrested a Sydney-based IT security professional for hacking a government website.
NBN Petition Delivered To Turnbull's Office
NBN Petition Delivered To Turnbull's Office
UTS CIO: IT teams of the future
UTS CIO: IT teams of the future
UTS CIO Chrissy Burns talks data.
New UTS Building: the IT within
New UTS Building: the IT within
The IT behind tomorrow's universities.
iTnews' NBN Panel
iTnews' NBN Panel
Is your enterprise NBN-ready?
Introducing iTnews Labs
Introducing iTnews Labs
See a timelapse of the iTnews labs being unboxed, set up and switched on! iTnews will produce independent testing of the latest enterprise software to hit the market after installing a purpose-built test lab in Sydney. Watch the installation of two DL380p servers, two HP StoreVirtual 4330 storage arrays and two HP ProCurve 2920 switches.
The True Cost of BYOD
The True Cost of BYOD
iTnews' Brett Winterford gives attendees of the first 'Touch Tomorrow' event in Brisbane a brief look at his research into enterprise mobility. What are the use cases and how can they be quantified? What price should you expect to pay for securing mobile access to corporate applications? What's coming around the corner?
Ghost clouds
Ghost clouds
ACMA chair Chris Chapman says there is uncertainty over whether certain classes of cloud service providers are caught by regulations.
Was the Snowden leak inevitable?
Was the Snowden leak inevitable?
Privacy experts David Vaile (UNSW Cyberspace Law and Policy Centre) and Craig Scroggie (CEO, NextDC) claim they were not surprised by the Snowden leaks about the NSA's PRISM program.
Latest Comments
Polls
Which bank is most likely to suffer an RBS-style meltdown?





   |   View results
ANZ
  21%
 
Bankwest
  9%
 
CommBank
  11%
 
National Australia Bank
  17%
 
Suncorp
  24%
 
Westpac
  19%
TOTAL VOTES: 1442

Vote