Content Collaboration for Global Investment Bank

Background

Client is a global securities and investment banking company, providing individual investors and corporate clients with a broad range of services, including investment advisory services and securities underwriting. The company is a part of Asia headquartered financial services group with an integrated global network spanning over 30 countries.

Challenges

The bank did not have a secure channel for sharing sensitive financial information between the holding company and its group subsidiaries. Most of the information was exchanged over emails, which is not only insecure but also time consuming for all parties involved. The bank wanted to strengthen its data security and control.

Challenges:

• The e-mail system used for sharing is not encrypted point-to-point.
• Many subsidiaries do not have experience and knowledge in their IT department to implement a highly technical solution and hence, they need a trusted partner.
• The FTP solution available is not secure and sustainable.
• Need quick delivery of the solution.

Solution

Iqxora has a centralised secure file sharing platform. The system is implemented in the core network of bank which gives secure file access to internal staff, subsidiaries and outsourcing partners.

In addition to the existing functions, an IP whitelisting function is implemented to make the access to the system highly secure. This additional functionality provides capability to map users against specific IP addresses. Only a valid username / password / source IP address combination is allowed access to the system.

Attempts to login from non-registered IP addresses will be rejected. To address special scenarios where specific users need to access the system from a public network, a user-to-PC token is also allowed. Iqxora keeps the files encrypted for external users but for internal users it gives access to unencrypted files which are mapped to a distributed file system.

The entire user landscape was divided into three zones:

Red Zone – includes all users accessing confidential documents from external network. These users will be able to access the documents only from their specific white-listed computer.

Blue Zone – includes all users accessing confidential documents from network of subsidiary companies.

Green Zone – includes all users of parent company itself.

Result

• A secure central repository for all documents with external and internal interfaces.
• Reduced Turn-Around-Time for searching and retrieving document.
• Access control and configuration through central admin console.
• Internal and external documents synchronisation.
• Integration with existing in-house document storage application so that internal staff can continue using existing interface.
• Folder level permission control for granular access control.
• Quick sharing of documents between departments and highly secure collaboration platform.
• External documents will get released to internal network after approval through a workflow.
• Comprehensive audit trail for all user actions.