Financial Security

Database Audit System Project of Bank of Kunlun

2016-11-25

  Client introduction: 

  Bank of Kunlun Co., Ltd. is previously named as Karamay Commercial Bank, Co., Ltd. with the predecessor of Karamay urban credit cooperative. The cooperative was established in December 2002 after the combination of former Maoyuan urban cooperative and Rongxing cooperative of Karamay City. In April 2009, China Petroleum Group increased the capital and enlarged the stock share in Bank of Kunlun Co., Ltd.. In April 2010, the company changed its name as Bank of Kunlun formally, meaning that booming “Kunlun” trade name would poor strong brand value into the bank. 

  Data security challenge: 

  Bank industry is a severely afflicted area of finance filled with personal privacy leakage. The sound incessantly lingers on people that personal information of clients are leaked or discarded. While the extensive application of high-tech means such as telecommunication and computer technology in bank industry and rapid development of internet bank bring convenience to people, information network technology crimes is surging. With respect to secret leakage incident, panic is useless and changing password is only a temporary solution. How to establish a sound information security system and create healthy environment for the Internet are the fundamental ones.


  Effect of project:

  After the deployment, three sets of Ankki database audit system can conduct fine gain audit in real-time manner including full monitor of operation, access and order return through fine grain audit strategy to realize comprehensive monitoring and audit on database operation, access and order targeting all the accounts. Besides, they can also strengthen the audit and monitoring on temporary and high-authority accounts and access to important sensitive data, achieving field-level fine gain, providing detailed audit record and classified statement statistics, giving statement support based on many years of database security experiences and warning for abnormal operations and many ways to inform related personnel for disposal. The working mode of independent audit will not have any adverse effect on existing system, but be able to make up for deficiencies due to built-in log audit of database system. 

  Maximize the utilization of all sorts of data (such as transaction, interaction and observation) owned by banks, shared data from external companies and more materials to improve production efficiency and explore new risk links. Use massive business data of banks to make comparative analysis with shared data collected from other seemingly unrelated industries to provide the basis for banks in decision making.