Address MAS Technology Risk Management (TRM) Guidelines
The Monetary Authority of Singapore (MAS) lays out a comprehensive set of IT security requirements not just for Financial Institutions (FIs) based in Singapore, but for any FIs that are doing business in Singapore.
The MAS guidelines for Internet Banking and Technology Risk Management (TRM), updated in June 2013, identify security and risk management issues in a comprehensive manner, covering everything from identity assurance and access controls to accountability and audit.
Centrify Server Suite provides comprehensive privileged access security, helping IT organizations directly address MAS TRM Guidelines in four critical areas: Access Control (section 11), Online Financial Services (section 12), Payment Card Security (section 13), and IT Audit (section 14). These four areas are fundamental to meeting MAS TRM Guidelines, and Centrify provides a solid foundation for FIs to take care of these fundamentals and then address any remaining areas. Centrify Identity Service ensures that users are individually identifiable and accountable for access to sensitive or privileged apps.
- Associate all access rights and privileges on audited systems to individual users, providing the level of accountability required by MAS TRM.
- Implement role-based security and access controls along with centralized reporting of who has access to what systems.
- Limit privileged access on systems to just the subset of commands they need to perform their jobs.
- Capture detailed audit trails of all user actions, and system responses, for inspection by auditors.