Case study: SunTrust Bank and Trusteer

SunTrust's Miller says that Trusteer Rapport was deployed quickly and his team was extremely pleased with the deployment timeline. "We were initially concerned that Trusteer Rapport might cause unintended problems with our clients' browsers and environments, but limited problems surfaced," he says. "Of the few support calls we've had, most of them were able to be resolved in a short time by Trusteer's support group. Overall, it has been a great experience for us and our clients."
Plus, his IT staff does not have to manage Trusteer Rapport on an ongoing basis. Updates that adapt to and block new threats are silently pushed out to Rapport endpoints by Trusteer without requiring user intervention.

"This is extremely valuable to SunTrust and its clients, because clients are automatically protected when using Online Treasury Manager after Rapport has pushed to an end-user an update against new threats that may attack clients of other financial institutions first – without any intervention from our IT staff," says Miller.

Trusteer also gives the bank access to management reports and metrics to see the number of Rapport downloads and other statistics. Once installed, Trusteer Rapport can determine which PCs are infected with malware, remove or disable it and send alerts to the bank's IT staff.

"This allows SunTrust to reach out to clients one-on-one to talk to them about possible malware threats on their machines. Trusteer Rapport has exceeded our expectations," says Miller.

Additionally, Trusteer's services deploy quickly, dynamically adapt to changing threats, and do not require any changes in end-user behavior, he adds.

Compliance regulations

On the risk assessment front, Trusteer gathers malware activity intelligence from its network of financial institutions around the world and tens of millions of endpoint devices, says Klein. This intelligence can be used by Trusteer to continuously take adaptive steps within the Trusteer Rapport endpoint protection product to block new attacks, without any intervention by SunTrust's IT department or end-users.

"This capability can provide us with better information in connection with our risk assessment supervisory expectation," says the bank's Miller.

And, he says this is valuable as the bank is seeing sophisticated new attacks directly against clients that are designed to steal two-factor authentication credentials in real-time, and that can redirect SMS messages to fraudsters' phones, and even defeat transaction-signing protection using social engineering methods.

"Because of these continuing advances in fraud techniques, SunTrust continually looks for ways to implement both layered and adaptive security technologies," says Miller. "Trusteer Rapport is a good example of this new approach. By gathering intelligence about new attacks as they emerge, and then adapting their different protection layers to block them, Rapport allows us to help our clients stay ahead of new threats and minimize fraud."