Taichung Bank: Improve internal network management and strengthen personal asset protection
October 05, 2020

Why read this article


Because the data security of banks and other financial institutions is critical to customers’ property, slight internal management may affect the operation of the system and cause losses to both parties. Coupled with the "Personal Data Protection Law" promulgated and implemented in October 2012, financial institutions must Meet the higher standards of information security; let us take a look today, how UPAS can help Taichung Bank to solve the intricacies of financial industry network management!




Mr. Xu Junming, Deputy Manager, Information Department, Taichung Commercial Bank


Taichung Commercial Bank (Taichung Bank) was established in 1949. Its predecessor is Taichung District Union Savings Co., Ltd. After more than a few years of expansion and upgrade, it has become the current banking system; Taichung Bank has 83 branches throughout Taiwan, There is also an international financial business branch, which provides various financial services to the public and various enterprises.


Xu Junming, deputy manager of the Information Department of Taichung Commercial Bank, said that in the face of the management of first-line network equipment, we must take a more serious attitude, especially in financial-related systems. Avoid information security risks such as data leakage caused by illegal equipment.



Employees arbitrarily change IP, management constraints are time-consuming and laborious


——In order to maintain the overall network security and operational quality, Taichung Bank must adopt hierarchical management of internal equipment and restrict computer access rights and network traffic



For effective control, the computer can only use a fixed IP. If it connects to a forbidden website, the network gateway device must automatically block the computer from going online, thereby preventing colleagues from downloading large amounts of data through the internal network and wasting network resources.


"Some colleagues are more familiar with IT and will change their IP to avoid gateway checks. In addition, some colleagues will be greedy to bring their own laptops to connect to the company network."


These violations will cause serious information security risks. Therefore, the information unit must immediately modify the user's computer and network equipment settings, and at the same time through administrative propaganda, completely eliminate such violations that have a huge impact on information security. Taichung Bank directly adjusted the settings on the main switch, created a MAC address and IP correspondence table, and only allowed the devices in the list to connect to the network, thereby strengthening user standards.


Deputy Manager Xu Junming pointed out that although this can effectively manage IP, each branch of the company adopts different network segments. Some personnel, such as the audit team, will bring their own equipment to each branch for operation. Therefore, the correspondence table needs to be modified frequently to allow these "actions". Work colleagues of "style" have access to the Internet. These modifications must be manually operated by the network administrators, logging into the switch and typing instructions, in order to make the network available to colleagues who are constantly traveling.





Automated IP allocation to prevent illegal device connection


——After several evaluations, Taichung Bank decided to adopt the UPAS intranet management center to assign and restrict the IP management of all devices in an automated manner, thereby strengthening the management of network endpoints and Internet behavior.


When UPAS is imported, there is no need to install Agent or change the existing network architecture of the enterprise. As long as the Core Switch is set to scan the internal network, the network usage can be quickly analyzed, and detailed information on the internal equipment of the enterprise can be collected for easy implementation. IP management and network usage specifications.





Through the UPAS intranet management center, Taichung Bank can clearly grasp the IP and physical location of all devices in the environment, and set a whitelist according to the management regulations, so that legal devices in branches and administrative centers can access the Internet normally; if there are illegal devices, UPAS can Blocking immediately and automatically can not only prevent data leakage but also prevent the company's network resources from being abused and affecting the service system.


UPAS uses a web interface developed at a cost of 15 million Taiwan dollars. The UI is beautiful and comfortable, and the operation process is intuitive and human. As long as MIS personnel with basic network concepts can easily get started; in addition, UPAS can also generate various reports for IP usage status through statistics The data helps MIS personnel to further control the intranet; for the aforementioned "mobile" workers, the group setting mode in UPAS allows MIS to create different templates, so that specific hosts can successfully obtain exclusives on the network segments in different branches IP takes into account the three management effects of accuracy, effectiveness and convenience.





In addition to strengthening internal IP configuration and network access, UPAS also assisted Taichung Bank to replace old equipment. Xu Junming, deputy manager, pointed out that whenever personal computers are upgraded, many branches will keep the old computers that are worthy of use and move them as backup equipment. These devices will cause many management problems (such as software licensing, asset investigation, etc.).


"Using the UPAS Intranet Management Center, it is easy to detect low-usage old equipment and help branches eliminate them all."



Complete IP usage record, save the trace data required by personal information

——In the current stage of the regulation of personal information law, companies must keep effective track data, of which IP address is a very important data, and it is a very important evidence in terms of law.





IP is a very important part of implementing effective IT management. For MIS, in addition to seeing this string of IP, it is also necessary to understand who the actual user (host) of the IP is, and to open or restrict the device The right to use the Internet to actively regulate the use of the Internet.


Under the regulations of individual capital laws, terminal computer equipment must also adopt more precise and serious management methods.


Deputy Manager Xu Junming believes that IP is a very simple data at first glance, but it is actually a very basic computer message, and it involves a wide range of information, including system management, information security maintenance, etc., which are all very important. You must have enough basic information to properly take care of each link.


In the future, Taichung Bank will continue to strengthen IT construction on related issues such as information security and personal information law. Deputy Manager Xu Junming plans to adopt the strategy of "data not landing" with data encryption functions to ensure that data is only on the central server. With activities on the Internet, instead of downloading and storing to the user’s local disk, centralized management is strengthened, and the IP verification mechanism of UPAS greatly reduces the risk of personal information leakage.