Tackling the security risk from internal users in Banking

The following case-study describes how the Bank of Cyprus reduces the security risk from internal users with UserLock.

Offering the capability to control user access and react instantly to any related security incident, UserLock helps protect an organization’s critical assets by disabling concurrent users’ logins, preventing credential sharing and monitoring all session activity in real-time.

The result? The Banks IT administrators are empowered with the tools to help secure network access for all users. Since deployment in 2010, UserLock has been expected – and has effectively achieved – to help protect the Bank’s critical assets.


The Challenge. How to control, manage and secure user access to the network?

As a fast growing organization with over 4500 employees spread across Cyprus, United Kingdom, Russia, Ukraine & Romania, the need to enforce and enhance internal users’ security policy to all its locations became a primary objective for the group.

Having recognized that security risks from inside the organization were as important as those from the external security perimeter, The Bank of Cyprus set out to improve access security for authorized users and close existing network security gaps.

To keep user accounts from being compromised and prevent insider threats, the IT team identified the need to disable concurrent users’ logins, prevent credentials from being shared and enable any response to security incidents to be both timely and effective.

Prior to the implementation of UserLock, no tool was available to help enforce their Users’ Security Policy or empower IT to track, record or automatically block any suspicious sessions.

“Due to the nature of our organization as a bank it was a real headache to prevent users from sharing credentials or logging in to more than one workstation at a time.” said Andreas N.Matheou, Head, Infrastructure Team.

“We used to manually check and monitor whether the login user was already logged in to another machine. With no GUI available all user access needed to be reviewed and monitored manually, making it incredibly time consuming to respond to any security incidents.”

Hardening Network Access Security with UserLock

To help protect the organization’s critical assets, Bank of Cyprus implemented UserLock across the whole Group, currently managing 3500 user accounts.

“The most important capability is the ability to prevent concurrent logins and credential sharing between the users, especially at the Bank’s branches where users are responsible for financial transactions” said Andreas.

With UserLock’s intuitive and easy to use GUI interface, Bank of Cyprus has the capability to control user access and enforce its customized user security policy. The IT team can now effectively limit or stop simultaneous sessions and monitor/audit all user’s activity in real-time. Preventing concurrent logins alleviates the threat of shared passwords as it impacts users own ability to access the network.

It also makes it impossible for any rogue users to use valid credentials at the same time as their legitimate users and prevents serious accountability and non-repudiation issues.

Reducing reaction time to IT Security incidents

By empowering the team to track, record and automatically block all suspicious session, UserLock has also dramatically reduced the time needed by the administrators to respond to related security incidents and day-to-day operational tasks.

“With UserLock’s real-time access monitoring and alerts, the administrator can instantly react and perform corrective actions either by remotely locking, logging off or resetting the appropriate session. This has added a huge value to the organizations’ day to day operation.”

Easy to use, easy to deploy and great support

Since 2010 when it was first deployed at the Bank of Cyprus, UserLock has been expected to and has effectively achieved to help protect the Bank’s critical assets.

“The deployment process was surprisingly fast and easy with no errors. The intuitive and easy to use GUI interface lets you get right to the business of hardening network security”

“Any time since that we have needed to contact the support team I would say the level of service provided was beyond our expectation – they reacted almost instantly. Taking into consideration the overall features and excellent support of the product I would characterize the whole engagement with IS Decisions as outstanding”.

Share this post :


Chris Bunn is the Directeur Général Adjoint of IS Decisions, a global cybersecurity software company, specializing in access management and multi-factor authentication for Microsoft Active Directory environments and the cloud.