CIBIL

Implements custom defence strategy to safeguard customer information

Overview

Credit Information Bureau (India) Ltd. (CIBIL), founded in 2000, is India’s first credit information company. CIBIL collects and maintains records of an individual’s payments pertaining to loans and credit cards. These records are submitted to CIBIL monthly by member banks and credit institutions. This information is then used to create credit information reports and credit scores, which are provided to credit institutions to help evaluate and approve loan applications.

The company was created to meet a very specific requirement: to bring about financial inclusion. CIBIL was on the lookout for technology that would help CIBIL provide its customer base with faster and cheaper access to CIBIL’s financial services. Today, the organisation includes a customer base ranging from individuals to companies to microfinance organisations.

Challenges

Data security is of the utmost importance to CIBIL due to the sensitivities of customer data and the inherent privacy issues of the business. When the company faced potential malignant attacks that threatened the company’s servers, CIBIL knew it needed effective protection from threat vectors and targeted attacks. Most of the servers are exposed to the internet, making it very important for CIBIL to protect them against any external threats and vulnerabilities. With advanced attacks and threats surfacing, it was imperative to have a strong strategy against targeted attacks—a strategy that could further improve the security posture of the organisation.

"Trend Micro solutions provide an entire ecosystem that detects and blocks threats so that our data remains protected."

Satish Pillai,
Managing Director and CEO, CIBIL

Solution

CIBIL implemented four Trend Micro products to protect its network and data centre. Trend Micro™ Deep Security™ provides virtual patching, integrity monitoring, log inspection, anti-malware, and firewall in a single agent and dashboard, making compliance reporting less cumbersome. Virtual patching helps improve the patching cycle, protects against zero-day vulnerabilities, and is completely automated, making it easy to implement across the data centre.

Trend Micro™ Deep Discovery™ provides 360-degree visibility for more than 100 protocols across all ports. Deep Discovery integration with Trend Micro™ TippingPoint® and other network devices helps to build a strong ecosystem for detecting, analysing, and mitigating advanced threats. Deep Discovery includes multiple detection engines, along with a customised sandbox for detection and mitigation. The company’s custom defence strategy is implemented by integrating Deep Discovery with TippingPoint, Trend Micro™ InterScan™ Messaging Security Virtual Appliance (IMSVA), other network devices and security information and event management (SIEM) solutions.

Results

The implementation of Trend Micro solutions has allowed CIBIL to efficiently monitor potential threats and effectively safeguard the information that their customers entrust them with. Trend Micro provides complete messaging gateway protection. This helps CIBIL to protect end users against targeted attacks and provides vulnerability protection and better visibility into security threats.

"Trend Micro has helped to simplify security operations with a single management dashboard across all functions."

Shiju Rawther,
Assistant Vice President of Technology,
CIBIL

What's next

As India’s first credit information company, CIBIL knows that its IT security team must stay informed about the latest threats to ensure that their systems and customer data are always protected. By working closely with Trend Micro, CIBIL can better understand the most efficient ways to defend against the next wave of exploits.