Reducing Complexity and Boosting Security with a Single-Vendor Solution: Cisco and the Bank of Palestine
The Palestine Monetary Authority, the central bank of the Palestinian Authority, is a financial gateway to our country. We enable e-commerce and offer the only international payment option available here; we process Visa, MasterCard and Union Pay transactions for our customers.
The Central Bank of the Palestinian Authority recognizes us as a key systemic bank. We operate more than 70 branches and offices, as well as 150 ATMs in Gaza and the West Bank. I'm very proud of our work serving all Palestinians—not just our customers.
We have also expanded our international presence, as we now have offices in the United Arab Emirates, Dubai, and Chile. In some sense, all of this is enabled by the technology that supports us. This means that, as the Head of IT Infrastructure, I need to choose the right IT vendors to work with every single time.
Securing Financial Data
In my role, I oversee five units that keep our data flowing securely. The teams manage our various platforms—encompassing Linux, UNIX, and Windows—as well as secure our databases, data centers, and overall IT security, among other things.
It's a complex scenario, but that's the nature of banking. We deal with money and sensitive information. People and businesses entrust their livelihoods to the Bank of Palestine. We have to protect them and their assets—but we can't do it alone.
Over the years, various vendors have provided network infrastructure and security products to the Bank of Palestine, but we keep coming back to one partner above all others: Cisco.
I'm not exaggerating when I say that Cisco is the foundation of our IT infrastructure. Our networks run on Cisco switches. As we move forward, Cisco will be playing a bigger role, especially in matters of network security.
Achieving Full Network Visibility
Cisco is innovating non-stop, especially on the software side. We've concluded several vendor relationships because Cisco offered better solutions. One Cisco product we recently adopted is Stealthwatch. It uses network infrastructure telemetry to detect threats. The system also simplifies network segmentation, which improves performance and security. This is a welcome side effect.
Stealthwatch also integrates with our digital lock manager system, which grants access privileges to applications and databases on a need-to-use basis. Monitoring different kinds of network activity from a central location is a major improvement.
But it isn’t only the technology where Cisco shines—it’s also the people. Cisco Advisory Services is a tremendous initiative that helps us find ways to improve network security with new technology. Thanks to their input, we are integrating Splunk cloud-based business intelligence software over the next year. We've also adopted Talos, a comprehensive threat assessment technology. As a result, we now have security incident and notification databases.
Talos gives us access to 250 full-time threat researchers, 1,100 threat traps, and millions of telemetry agents. This is a whole new level of intelligence applied to network security.
Our previous vendor offered a product that was like Stealthwatch. It had threat traps and was able to prevent breaches, but lacked integrations. Also, our previous vendor did not engage us at the same level as Cisco—a company that is already working on what we'll need next.
I don't have to tell you that a true partnership looks to the future, not only the present. Cyberthreats are an everyday reality for financial institutions—and for all organizations. With our new tools from Cisco, we can focus on preventing security breaches.
Full network visibility, combined with advanced threat detection and artificial intelligence, changes everything. We can now monitor all our security concerns with confidence. When we do face an attack, we are immediately notified and can act right away. The impact is staggering.
We can achieve all of this with other solutions, but having a sole vendor means fewer potential gaps in network security. It is the best approach, at least in my mind.
Adopting a Single-Vendor Approach
Before I started working at the Bank of Palestine, Cisco was strictly our hardware supplier. We used their routers and switches, but little else. Upon my arrival, I adopted a single vendor approach. One of the obvious benefits of using one supplier is cost reductions. You need a larger investment when you deal with many vendors. You end up paying more for hardware and software, but also personnel and training.
An ideal single vendor can also supply every component in your network topology. Cisco has a large enough portfolio to outfit our LANs, our WAN, and the endpoints on our network perimeter. On top of all this, we can monitor everything from a single console.
In my previous position, I spent almost 11 years at one of Jordanian Bank works in Palestine. That was not a one-vendor operation. We had Palo Alto for the firewall, McAfee IPS, ArcSight SIEM, Fire Eye for APT and in addition to all the Cisco products.
It was way too complicated. The more I tried to make things work together, the more obvious it became I would never achieve a 100% view of our infrastructure.
A New Way
When I arrived at the Bank of Palestine, I decided to change my approach. I wanted things to be simpler and more efficient. As a result of working with a single vendor, we no longer have to deal with a dozen account managers at a dozen different vendors. Our account manager at Cisco helps us with orders and points us to the right people when we need support.
Cisco's engineers talk to each other. They know how their products interact. It's one thing when a device malfunctions internally. It's another when there's a problem with the way two devices communicate. When you're dealing with separate vendors, troubleshooting can be a nightmare. Drivers aren't always compatible. Vendor A isn’t aware of Vendor B's patch.
Dealing with Cisco means a single point of contact. This can make the difference between success and failure in the event of an emergency. I attend to critical IT infrastructure every day, and I need to make sure that my hardware and software can handle a security breach.
When everything is designed to work together, threat levels are lower. When something breaks down, a single vendor can deploy a solution much faster. With a seamless integration, I can see the big picture and everything that happens on our networks. I don't get that with a multi-vendor approach.
Expanding the Single-Vendor Approach
As I head into my third year at the Bank of Palestine, I continue to streamline our operations and advance our technology even further. I have traveled to Cisco conferences in Russia, Mexico, and Spain. I'm excited by the prospects I've seen.
Our next big project is the adoption of Cisco Process Orchestrator. This IT automation and integration tool will further streamline our operations. It supports Windows, Linux, and UNIX scripting; and integrates e-mail, database, and web services.
Cisco Process Orchestrator will help the Bank of Palestine better serve our customers. As the only Visa and MasterCard provider in the country, we open our citizens to the world. Our banking services help individuals, families, and businesses here and abroad flourish.
I'm especially proud of our corporate responsibility policy. Every year, the Bank of Palestine donates six percent of our profits to the community. We help finance health and education, cultural initiatives, humanitarian aid, and women's programs.
With more than 1,600 people, we are one of the biggest employers of IT and customer service professionals in the country. Cisco is helping us create jobs, provide financial services to our fellow citizens, and to people around the world. That's what I call a partnership.