Scribd
Upload
2K views

SWIFT Checklist

The document is a checklist from the Society for Worldwide Interbank Financial Telecommunication (SWIFT) that contains 27 items to help financial institutions secure their SWIFT environment. The checklist covers recommendations for restricting access, reducing vulnerabilities, securing the physical environment, managing user identities, monitoring for anomalies, planning for incidents, and assessing risks. Adhering to the checklist aims to protect systems and data from compromise and detect any suspicious activity.

Uploaded by

ফয়সাল হোসেন
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
2K views

SWIFT Checklist

The document is a checklist from the Society for Worldwide Interbank Financial Telecommunication (SWIFT) that contains 27 items to help financial institutions secure their SWIFT environment. The checklist covers recommendations for restricting access, reducing vulnerabilities, securing the physical environment, managing user identities, monitoring for anomalies, planning for incidents, and assessing risks. Adhering to the checklist aims to protect systems and data from compromise and detect any suspicious activity.

Uploaded by

ফয়সাল হোসেন
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Society for Worldwide Interbank Financial Telecommunication

(SWIFT) Checklist

Name Description
Restrict Internet Access and Protect Critical Systems from General IT
Environment
Ensure the protection of the user's local
SWIFT infrastructure from potentially
☐ 1. SWIFT Environment Protection compromised elements of the general IT
environment and external environment.
Restrict and control the allocation and
2. Operating System Privileged
usage of administrator-level operating
Account Control
☐ system accounts.

Reduce Attack Surface and Vulnerabilities

Ensure the confidentiality, integrity, and


authenticity of data flows between local
☐ 3. Internal Data Flow Security
SWIFT-related applications and their link
to the operator PC.
Minimize the occurrence of known
technical vulnerabilities within the local
SWIFT infrastructure by ensuring vendor
☐ 4. Security Updates
support, applying mandatory software
updates, and applying timely security
updates aligned to the assessed risk.
Reduce the cyber-attack surface of
☐ 5. System Hardening SWIFT-related components by performing
system hardening.
Protect the confidentiality and integrity of
6. Operator Session Confidentiality
☐ interactive operator sessions connecting to
and Integrity the local SWIFT infrastructure.
Identify known vulnerabilities within the
local SWIFT environment by
☐ 7. Vulnerability Scanning
implementing a regular vulnerability
scanning process and act upon results.

Physically Secure the Environment

Prevent unauthorized physical access to


☐ 8. Physical Security sensitive equipment, workplace
environments, hosting sites, and storage.

☐ 9. Prevent Compromise of Credentials

Ensure passwords are sufficiently resistant


against common password attacks by
☐ 10. Password Policy
implementing and enforcing an effective
password policy.
Prevent that a compromise of a single
authentication factor allows access into
☐ 11. Multi-factor Authentication
SWIFT systems, by implementing multi-
factor authentication.

Manage Identities and Segregate Privileges

Enforce the security principles of need-to-


know access, least privilege, and
☐ 12. Logical Access Control
segregation of duties for operator
accounts.
Ensure the proper management, tracking,
☐ 13. Token Management and use of connected hardware
authentication tokens (if tokens are used).
14. Physical and Logical Password Protect physically and logically recorded
☐ storage passwords.
Detect Anomalous Activity to Systems or Transaction Records

Ensure that local SWIFT infrastructure is


☐ 15. Malware Protection
protected against malware.

Ensure the software integrity of the


☐ 16. Software Integrity
SWIFT-related applications.

Ensure the integrity of the database records


☐ 17. Database Integrity
for the SWIFT messaging interface.
Record security events and detect
☐ 18. Logging and Monitoring anomalous actions and operations within
the local SWIFT environment.

Plan for Incident Response and Information Sharing

Ensure a consistent and effective approach


☐ 19. Cyber Incident Response Planning
for the management of cyber incidents.
Ensure all staff are aware of and fulfil their
security responsibilities by performing
☐ 20. Security Training and Awareness
regular security training and awareness
activities.

Manage Identities and Segregate Privileges

Ensure the trustworthiness of staff


☐ 21. A Personnel Vetting Process operating the local SWIFT environment by
performing personnel vetting.
22. A Physical and Logical Password Protect physically and logically recorded
☐ Storage passwords.

Detect Anomalous Activity to Systems or Transaction Records

Detect and prevent anomalous network


☐ 23. A Intrusion Detection activity into and within the local SWIFT
environment.
Plan for Incident Response and Information Sharing

Validate the operational security


configuration and identify security gaps by
☐ 24. A Penetration Testing performing penetration testing.

Evaluate the risk and readiness of the


☐ 25. A Scenario Risk Assessment organization based on plausible cyber
attack scenarios.
Restrict transaction activity to validated
☐ 26. A Transaction Business Controls and approved counterparties and within
the expected bounds of normal business.
Reduce the attack surface of SWIFT-
related components by performing
☐ 27. A Application Hardening application hardening on the SWIFT-
certified messaging and communication
interfaces and related applications.

Thanks and regards

Md. Zahid Hossain


Executive Officer
ICT Security Unit
Mercantile Bank Ltd.

You might also like