ING-DiBa Secures Sensitive Customer Information with Granular Control Over Access Privileges for Customer Support Specialists
 
Oracle 1-800-633-0738
Find an Oracle Specialized Partner
Oracle Customer Programs
 
 

ING-DiBa Secures Sensitive Customer Information with Granular Control Over Access Privileges for Customer Support Specialists

  • Oracle Customer:  ING-DiBa AG
    Location:  Frankfurt, Germany
    Industry:  Financial Services
    Employees:  2,986
    Annual Revenue:  $1 to $5 Billion

ING-DiBa AG, with 7.5 million customers (the third largest retail bank in Germany), is a branchless, direct bank. ING-DiBa is a subsidiary of the Dutch ING Group, the world’s largest financial services provider in 2010, by revenue, according to Fortune Magazine. The readers of the leading German financial newspaper Börse Online selected ING-DiBa as “Online Broker 2012,” and Euro Magazine awarded ING-DiBa the title of “Germany’s Most Popular Bank 2012.”

ING-DiBa, which has been using Oracle Database for more than 10 years and has more than 300 first- and second-level support staff who access 360 databases to provide customer support, faced the challenge of meeting increased requests for individual access privileges without having centralized control. Furthermore, the company was using only one database account for the entire customer support staff, making it impossible to monitor who accessed which kind of customer information.

By deploying Oracle Enterprise User Security, which combines Oracle Advanced Security options in Oracle Database 11g, Enterprise Edition with Oracle Internet Directory, ING-DiBa centralized the provisioning and deprovisioning of more than 300 database users, and it saved manpower in the IT department.

The solution enables ING-DiBa to grant privileges using Microsoft Active Directory, without changing its business processes.

 
 

 
 

Challenges

A word from ING-DiBa AG

  • “We take the security of our customer data very seriously. With Oracle Enterprise User Security—available in Oracle Database 11g, Enterprise Edition—it is easier for us to handle more than 300 database accounts with detailed privileges than it was before to manage a standard database account. Oracle Enterprise User Security’s built-in features provide everything we need in our Windows environment to secure our customers’ data without changing our business processes one bit.” – Jürgen Krätzer, IT Central Services, ING-DiBa AG

  • Control each support employee’s access to customer information stored in the bank’s data warehouse—which contains all customer financial data for personal and corporate banking—instead of relying on a single user account for all first- and second-level support staff
  • Administer database privileges for more than 300 customer support employees individually, with single sign-on
  • Enable administrators to manage database access privileges centrally and limit access of each customer service agent to those databases that are required to fulfill his or her scope of support
  • Simplify administration of individual access privileges by enabling the bank to use its Microsoft Active Directory repository for granting privileges, without changing business processes

Solutions

  • Used Oracle Enterprise User Security—an Oracle Database 11g, Enterprise Edition feature—to simplify and optimize administration of database privileges for more than 300 employees with an out-of-the-box solution which fits exactly into the company’s Microsoft Windows environment
  • Centralized provisioning and deprovisioning of database users to control the access of each customer support employee to sensitive customer information stored in the bank’s data warehouse to prevent leaking of information
  • Reduced existing access privileges of each employee to those databases which are in his or her scope of customer support, such as for mortgages or brokerages, and ensured transparency of those privileges (which employee has access to which database) at all times
  • Enabled administrators with Oracle Directory Synchronization Service, part of Oracle Internet Directory, to use Microsoft Active Directory for granting access privileges and to synchronize easily between Oracle Internet Directory and the bank’s user repository
  • Monitored access for more than 300 first- and second-level support staff to 360 databases—each an Oracle Database 11g, Enterprise Edition, ranging from 50 gigabytes to 4 terabytes—totaling 120 terabytes of data, with a team of only four administrators
  • Optimized processes and saved manpower in the IT department, as the IT team now handles privileges in databases identically to how it handles them in the bank’s Microsoft Windows environment and no longer needs to maintain the self-implemented access security framework, previously used
  • Made it easier for database administrators to modify access privileges for employees who switch from one team to another or leave the bank, enhancing transparency of individual privileges and ensuring that privileges that are no longer required are revoked immediately

Why Oracle

“ING-DiBa has used Oracle Database since the 1990s. The advanced features of Oracle Advanced Security and Oracle Enterprise User Security—available in Oracle Database, Enterprise Edition—as well as Oracle Internet Directory, are without a doubt the best solution for us that is available on the market today,” said Jürgen Krätzer, IT Central Services, ING-DiBa AG.