Please document how to implement SWIFT security recommendations in WBIFN.
Requirement from my customer for information on how to implement SWIFT security recommendations in WBIFN.
As a result of the recent security incident at another SWIFT customer institution, my customer is asking for documentation on how SWIFT recommendations and guidelines can be implemented in the WBIFN products.
As an example, one specific question from my customer is if and how two factor authentication (2FA) can be enforced when users login to the WBIFN WAS applications MER/RMA/AO.
Please refer to PMR/Service request number 18390,010,678
However the information requested by my customer is not limited to getting documentation on enforcing 2FA, but any other means to implement SWIFT's security recommendations in WBIFN are asked for.
The recommendations would ideally be based on and alligned with the Security Guidance Checklist issued by SWIFT.
SWIFT has created a number of checklists to assist its users in verifying whether their infrastructure meets the minimum recommendations of the security guidance documents.
One of these is KB tip 5020818 - Security Guidance Checklist for interfaces by 3rd party providers
Other KB tip numbers are 5020786, 5020890, 5020928
The documention is needed for both WBIFN and FTM for SWIFT .
The documentation is needed asap to progress with implementation of the required changes in the customer's environment. Hence the urgent priority.
Urgent - Blocker