The Challenge
Finansbank faced daunting IT security and
compliance challenges associated with its highly
manual, time consuming approach to managing
privileged passwords to its core banking systems.
There was one dedicated password for each
server and each device in the network. All
passwords were stored in approximately 200
separate paper envelopes in a physical vault.
If anyone needed access to an application, server
or necessary system, password requests were
processed through a service center and issued
by hand by the IT team. If there was ever a server
crash or the need for a password to be accessed
immediately, as in a break-glass scenario, it could
take more than 30 minutes just to get the right
envelope. Additionally, password inventory was
stored in an Excel file, audit reports were limited,
and the process for manually resetting
passwords after each use wasn’t efficient.
“Our manually-intensive approach to password
management was impeding the bank’s ability to
scale operationally, it was difficult to manage
power users and meeting audit and compliance
requirements put a serious strain on resources,”
said Burak Öztürk, Finansbank. “We simply
needed to make this process smoother and
more efficient.”