Scribd
Upload
132 views

Mapping Security Controls Against Security Guidance Recommendations

Uploaded by

Ruslan Soloviov
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
132 views

Mapping Security Controls Against Security Guidance Recommendations

Uploaded by

Ruslan Soloviov
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 23

Mapping Security Controls against Security Guidance Recommendations

8 November 2019

Introduction

The SWIFT Customer Security Controls Framework establishes a security baseline for the entire community.

Note: The scope of the framework is the local SWIFT environment. However, the CSP controls reflect good security practice, and it is appropriate to
implement them beyond the in-scope environment into the broader end-to-end transaction chain.

The table below maps each security control (product-agnostic) from the SWIFT Customer Security Controls Framework against related recommendations
(product-specific) from the different SWIFT security guidance documents. The paragraphs entitled ”Complementary requirements” highlight aspects from the
security controls that are new requirements complementing the existing security recommendations. These new requirements and the new features or
enhancements introduced in Alliance Access 7.3 and 7.4 will be specifically included in future versions of the product-specific security guidance documents.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

1.1 SWIFT Environment 4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
Protection Environment 4.2.2 Logical Access Control 3.1.2 Logical Access Control Environment
Control: A segregated 4.2.2 Logical Access Control Applicable control: SLA.11 Applicable control: SLA.09 4.2.4 Operating System
secure zone safeguards Applicable control: SLA.11 (jump 4.2.4 Operating System Hardening 3.1.4 Operating System Hardening Hardening
the user’s SWIFT server) Applicable control: OSH.02 Applicable control: OSH.02 Applicable control: OSH.02
4.2.4 Operating System Hardening
infrastructure from
Applicable control: OSH.02 (only 4.3 Secure Local Client Environment 3.2 Secure Local Client Environment 4.3 Secure Local Client
compromises and attacks
software to operate, monitor and 4.3.3 Internet Access 3.2.3 Internet Access Environment
on the broader enterprise secure Alliance products) Applicable control: CIA.01 Applicable control: CIA.02 4.3.5 Secure Browsing
and external 4.3.6 Secure Browsing Applicable control: ALB.01
environments. 4.3 Secure Local Client Applicable control: SBR.01 Note: In the CSCF, restricted internet
Environment access is accepted, providing that: 4.5 Local Network Security
4.3.3 Internet Access 4.5 Local Network Security - Any required Internet access is 4.5.1 Connectivity
permitted only if initiated in the
Applicable control: CIA.01 (block 4.5.1 Connectivity Applicable control: CON.01
outbound direction.
internet access) Applicable control: CON.01 (protection against DoS attacks)
- Internet access is only granted to
4.5.2 Network Segregation whitelisted URL destinations (for 4.5.2 Network Segregation
Note: In the CSCF, restricted internet Applicable control: NET.01, NET.02, example, site for downloading Applicable control: ALN.01,
access is accepted, providing that: NET.03, NET.04, NET.05, NET.06, security patches) via a proxy with ALN.02, ALN.03, ALN.04, ALN.05,
- Any required Internet access is NET.07 content inspection and adequate ALN.06.
permitted only if initiated in the
4.5.3 Front-end Reverse Proxy blocking/filtering controls. General
outbound direction. browsing is not permitted.
Applicable control: FRP.01 Complementary requirements1:
- Internet access is only granted to
whitelisted URL destinations (for - Protections of the secure
Note: In the CSCF, following network 3.2 Secure Local Client Environment zone (boundary protection
example, site for downloading
security patches) via a proxy with configurations requirements apply: 3.2.4 Secure Browsing and communication between
content inspection and adequate - Network ACLs or host-based Applicable control: CSB.01 components in the secure
firewalls restrict traffic on a host-by-
blocking/filtering controls. zone).
General browsing is not host basis within the secure zone. 3.4 Local Network Security - Access to the secure zone
- Individual hardware or network-
permitted. 3.4.1 Connectivity (local operator access vs.
based firewalls between the
Applicable control: CON.01 remote operator access).
components in the secure zone can
4.5 Local Network Security 3.4.2 Network Segregation
optionally be used. - Segregation from General
4.5.1 Connectivity Applicable control: NET.01, NET.02, Enterprise IT Services.
Applicable control: CON.01 NET.03, NET.05, NET.06, NET.07 - Virtualisation.
(protection against DoS attacks)
Complementary requirements1:
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

4.5.2 Network Segregation - Protections of the secure zone Note: In the CSCF, following network
Applicable control: NET.01, NET.02, (boundary protection and configurations requirements apply:
NET.03, NET.04, NET.05, NET.06, communication between - Network ACLs or host-based
firewalls restrict traffic on a host-
NET.07, NET.08 components in the secure zone).
by-host basis within the secure
- Access to the secure zone (local
zone.
Note: In the CSCF, following network operator access vs. remote - Individual hardware or network-
configurations requirements apply: operator access). based firewalls between the
- Network ACLs or host-based
- Segregation from General components in the secure zone can
firewalls restrict traffic on a host-
Enterprise IT Services. optionally be used.
by-host basis within the secure
zone. - Virtualisation.
- Individual hardware or network- Complementary requirements1:
based firewalls between the - Protections of the secure zone
components in the secure zone (boundary protection and
can optionally be used. communication between
components in the secure zone).
Complementary requirements: 1 - Access to the secure zone (local
- Protections of the secure zone operator access vs. remote
(boundary protection and operator access).
communication between - Segregation from General
components in the secure Enterprise IT Services.
zone). - Virtualisation.
- Access to the secure zone
(local operator access vs.
remote operator access).
- Segregation from General
Enterprise IT Services.
Virtualisation.
New security requirement. 4.4 Secure Local Application
1.2 Operating System
Environment
Privileged Account
4.4.1 Logical Access Control
Control

1
Requirements included in the SWIFT Customer Security Controls Framework that complement the existing SWIFT recommendations and which are not yet specifically
addressed in the product-specific security guidance
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

Applicable control: ALC.05


Control: Access to
administrator-level
Complementary requirements:
operating system
- Access to administrator-level
accounts is restricted to
operating accounts is
the maximum extent restricted to the maximum
possible. Usage is extent possible.
controlled, monitored, - Login with built-in
and only permitted for administrator-level accounts
relevant activities such as is not permitted, except to
software installation and perform activities where
configuration, such accounts are specifically
maintenance, and needed or in emergency
situations. Individual
emergency activities. At
accounts with administrator-
all other times, an
level privileges or accounts
account with least with the ability to escalate to
privilege access is used. administrative access are
used instead.
- Individual administrator-level
account access and usage are
logged.
- Administrator-level
passwords are tightly
controlled with physical
access controls when
physically recorded.

New security requirement.


1.3. Virtualisation
Platform Protection
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

Control: Secure
virtualisation platform,
virtualised machines and
supporting virtual
infrastructure (e.g.
firewalls) to the same
level as physical systems.
4.3 Secure Local Client 4.3 Secure Local Client Environment 3.2 Secure Local Client Environment
1.4A Restriction of
Environment 4.3.3 Internet Access 3.2.3 Internet Access
Internet Access
4.3.3 Internet Access Applicable control: CIA.01 (block Applicable control: CIA.02
Applicable control: CIA.01 (block internet access)
Control: Restrict Internet internet access) Note: In the CSCF, restricted internet
Note: In the CSCF, restricted internet access is accepted, providing that:
access from operator PCs
Note: In the CSCF, restricted internet access is accepted, providing that: - Any required Internet access is
and other systems within permitted only if initiated in the
access is accepted, providing that: - Any required Internet access is
the secure zone. - Any required Internet access is permitted only if initiated in the outbound direction.
permitted only if initiated in the outbound direction. Internet access is only granted to
outbound direction. Internet access is only granted to whitelisted URL destinations (for example,
Internet access is only granted to whitelisted URL destinations (for site for downloading security patches) via
whitelisted URL destinations (for example, site for downloading security a proxy with content inspection and
example, site for downloading security patches) via a proxy with content adequate blocking/filtering controls.
patches) via a proxy with content inspection and adequate General browsing is not permitted.
inspection and adequate blocking/filtering controls. General
blocking/filtering controls. General browsing is not permitted.
browsing is not permitted.
4.5 Local Network Security
4.5.3 Front-end Reverse Proxy
Applicable control: FRP.01

Note: In the CSCF, following network


configurations requirements apply:
- Network ACLs or host-based
firewalls restrict traffic on a host-
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

by-host basis within the secure


zone.
- Individual hardware or network-
based firewalls between the
components in the secure zone can
optionally be used.

Complementary requirements1:
- Protections of the secure zone
(boundary protection and
communication between
components in the secure zone).
- Access to the secure zone (local
operator access vs. remote
operator access).
- Segregation from General
Enterprise IT Services.
- Virtualisation.
4.4 Secure Local Application 4.4 Secure Local Application 3.3 Secure Local Application New security requirement.
2.1 Internal Data Flow
Environment Environment Environment
Security
4.4.3 Confidentiality 4.4.3 Confidentiality 3.3.3 Local Server Authentication and
Control: Confidentiality, Applicable control: LSC.01, LSC.02 Applicable control: LSC.01, LSC.02 Confidentiality
integrity, and 4.4.4 Integrity and Authentication 4.4.4 Integrity and Authentication Applicable control: LSC.01, LSC.02
authentication Applicable control: LAU.01 Applicable control: LSC.03, LAU.01
mechanisms are
Complementary requirements:
implemented to protect
- Integrity mechanisms are
SWIFT-related
implemented to protect data
application-to-application
flows between SWIFT-related
and operator-to-
applications within the secure
application data flows.
zone, and its link to the operator
PCs (SAA- AWP SE, SAA – ARG).
4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
2.2 Security Updates
Environment 4.2.5 Security Updates 3.1.5 Security Patches Environment
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

4.2.5 Security Updates Applicable control: SSP.01 Applicable control: SSP.01, SSP.02 4.2.5 Security Updates
Control: All hardware and
Applicable control: SSP.01, SSP.02 Applicable control: SSP.01, SSP.02
software inside the
4.3 Secure Local Client Environment 3.2 Secure Local Client Environment
secure zone and on
4.3 Secure Local Client 4.3.5 Security Updates 3.2.6 Security Patches 4.3 Secure Local Client
operator PCs are within
Environment Applicable control: CSP.01 Applicable control: CSP.01 Environment
the support lifecycle of
4.3.5 Security Updates 4.3.4 Security Updates
the vendor, have been
Applicable control: CSP.01 Complementary requirements: Complementary requirements: Applicable control: ALU.01
upgraded with
- Support availability. - Support availability.
mandatory software
Complementary requirements: - Security update deployment - Security update deployment Complementary requirements:
updates, and have had - Support availability. policy based in a risk assessment policy based in a risk assessment - Support availability.
security updates - Security update deployment process and/or recommended process and/or recommended - Security update deployment
promptly applied. policy based in a risk on the Common Vulnerability on the Common Vulnerability policy based in a risk
assessment process and/or Scoring system (CVSS), Version 3. Scoring system (CVSS), Version assessment process and/or
recommended on the 3. recommended on the
Common Vulnerability Scoring Common Vulnerability
System (CVSS), Version 3. Scoring system (CVSS),
Version 3.
4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
2.3 System Hardening
Environment 4.2.4 Operating System Hardening 3.1.4 Operating System Hardening Environment
Control: Security 4.2.4 Operating System Hardening Applicable control: OSH.01 Applicable control: OSH.01 4.2.4 Operating System
hardening is conducted Applicable control: OSH.01 Hardening
on all in-scope Complementary requirements: Complementary requirements: Applicable control: OSH.01
components. 4.5 Local Network Security - Operator PCs and supporting - Operator PCs and supporting
4.5.2 Network Segregation infrastructure within the secure infrastructure within the secure Complementary requirements:
Applicable control: NET.01 zone are included in the scope. zone are included in the scope. - Operator PCs and supporting
(listeners used by Alliance - All in-scope systems are - All in-scope systems are infrastructure within the
products) hardened in accordance with a hardened in accordance with a secure zone are included in
hardening standard/guide hardening standard/guide the scope.
Complementary requirements: (vendor, industry or local) but (vendor, industry or local) but - All in-scope systems are
- Operator PCs and supporting can be overruled by application- can be overruled by application- hardened in accordance with
infrastructure within the specific configuration specific configuration a hardening standard/guide
secure zone are included in requirements to maintain a requirements to maintain a (vendor, industry or local)
the scope. proper operational state. proper operational state. but can be overruled by
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

- All in-scope systems are - Documented follow-up of the - Documented follow-up of the application-specific
hardened in accordance with a implementation deviations. implementation deviations. configuration requirements
hardening standard/guide to maintain a proper
(vendor, industry or local) but operational state.
can be overruled by - Documented follow-up of
application-specific the implementation
configuration requirements to deviations.
maintain a proper operational
state.
- Documented follow-up of the
implementation deviations.

4.4 Secure Local Application 4.4 Secure Local Application 3.3 Secure Local Application 4.4 Secure Local Application
2.4A Back-Office Data
Environment Environment Environment Environment
Flow Security
4.4.3 Confidentiality 4.4.3 Confidentiality 3.3.3 Local Server Authentication and 4.4.2 Confidentiality, Integrity,
Control: Confidentiality, Applicable control: The connection Applicable control: The connection Confidentiality and Authentication
integrity, and mutual between Alliance Access or Alliance between the customer managed Applicable control: LSC.03 Applicable control: ALI.01, ALI.02,
authentication Gateway and the back-office interface and the back-office 3.3.4 Integrity Mechanisms ALI.03
mechanisms are application must be encrypted. This application must be encrypted. This Applicable control: LAU.01, LAU.02
implemented to protect can be achieved by solutions such can be achieved by solutions such as Complementary requirements:
data flows between back- Complementary requirements:
as MQ encryption, SFTP, and so on. MQ encryption, SFTP, and so on. - Mutual authentication of the
office (or middleware) - Mutual authentication of the
4.4.4 Integrity and Authentication 4.4.4 Integrity and Authentication data flows between back-
data flows between back-office
applications and Applicable control: LAU.02, LAU.03 Applicable control: LSC.03, LAU.01 office systems (or
systems (or middleware
connecting SWIFT middleware systems) and
systems) and directly connected
infrastructure Complementary requirements: Complementary requirements: directly connected SWIFT
SWIFT infrastructure
components. - Mutual authentication of the - Mutual authentication of the infrastructure components.
components.
data flows between back- data flows between back-office
office systems (or middleware systems (or middleware systems)
systems) and directly and directly connected SWIFT
connected SWIFT infrastructure components.
infrastructure components.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

New security requirement.


2.5A. External
Transmission Data
Protection
Control: Sensitive SWIFT-
related data leaving the
secure zone is encrypted.

4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
2.6. Operator Session
Environment 4.2.2 Logical Access Control 3.1.2 Logical Access Control Environment
Confidentiality and
4.2.2 Logical Access Control Applicable control: SLA.03, SLA.10 Applicable control: SLA.08 4.2.2 Logical Access Control
Integrity
Applicable control: SLA.03, SLA.10 Applicable control: SLA.03
Control: The 4.3 Secure Local Client Environment 3.2 Secure Local Client Environment
confidentiality and 4.3 Secure Local Client 4.3.2 Logical Access Control 3.2.2 Logical Access Control
integrity of interactive 4.3 Secure Local Client
Environment Applicable control: CLA.03, CLA.04 Applicable control: CLA.03
operator sessions Environment
4.3.2 Logical Access Control
connecting into the 4.3.2 Logical Access Control
Applicable control: CLA.03, CLA.04 4.4 Secure Local Application Complementary requirements:
secure zone is Applicable control: ALL.02
Environment - Enhanced the scope (sessions to
safeguarded. 4.4 Secure Local Application 4.4.1 Local Operator Authentication SWIFT-related applications and
Complementary requirements:
Environment and Session Management OS).
- Enhanced the scope
4.4.1 Local Operator Applicable control: USM.03, USM.04 - All interactive sessions are
(sessions to SWIFT-related
Authentication and Session protected by a cryptographic
applications and OS).
Management Complementary requirements: protocol (for example, ssh,
- All interactive sessions are
Applicable control: - Enhanced the scope (sessions to https).
protected by a cryptographic
LOA.01,AGW.01 SWIFT-related applications and
protocol (for example, ssh,
OS).
https).
Complementary requirements: - All interactive sessions are
- Enhanced the scope (sessions protected by a cryptographic
to SWIFT-related applications protocol (for example, ssh,
and OS). https).
- All interactive sessions are
protected by a cryptographic
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

protocol (for example, ssh,


https).

New security requirement.


2.7. Vulnerability
Scanning
Control: Secure zone and
operator PC systems are
scanned for
vulnerabilities using an
up-to-date, reputable
scanning tool.

New security requirement.


2.8A Critical Activity
Outsourcing
Control: Critical
outsourced activities are
protected, at a minimum,
to the same standard of
care as if operated within
the originating
organisation.

4.6 Other Security 4.6 Other Security 3.5 Other Security 4.6 Other Security
2.9A. Transaction
Recommendations Recommendations Recommendations Recommendations
Business Controls
4.6.1 Detection Mechanisms 4.6.1 Detection Mechanisms 3.5.1 Reconciliation 4.6.2.2 Abnormal Sessions and
Control: Restrict (Reconciliation and Abnormal (Reconciliation and Abnormal Applicable control: REC.01 Message Flows
transaction activity within Sessions and message Flows) Sessions and message Flows) Applicable control: ASM.01
the expected bounds of Applicable control: REC.01, ASM.01 Applicable control: REC.01, ASM.01 Complementary requirements:
normal business - Restriction of the transactions Complementary requirements:
Complementary requirements: Complementary requirements: and active SWIFTNet FIN
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

- Restriction of the transactions - Restriction of the transactions sessions outside of normal - Have a process in place to
and active SWIFTNet FIN and active SWIFTNet FIN business hours. issue and check confirmation
sessions outside of normal sessions outside of normal - Have a process in place to issue messages.
business hours. business hours. and check confirmation - Monitor uncharacteristic
- Have a process in place to - Have a process in place to issue messages. transactions.
issue and check confirmation and check confirmation - Monitor uncharacteristic
messages. messages. transactions.
- Monitor uncharacteristic - Monitor uncharacteristic
transactions. transactions.

This control enables users of the This control enables users of a This control enables users of the This control enables users of the
2.10 Application
SWIFT Alliance Access to comply certified messaging interface to Alliance Remote Gateway to comply Alliance Lite2 to comply with the
Hardening
with the Alliance Security comply with the Alliance Security with the Alliance Security Guideline. Alliance Lite2 Security Guidance.
Control: All messaging Guideline. Guideline.
interfaces (for example,
Alliance Access, Alliance
Messaging Hub and
equivalent) and
communication interfaces
(for example, Alliance
Gateway and equivalent)
products within the
secure zone are SWIFT-
certified. Security
hardening is conducted
and maintained on all in-
scope components.

4.4 Secure Local Application 4.4 Secure Local Application Complementary requirements: 4.6 Other Security
2.11A RMA Business
Environment Environment Relationship Management Recommendations
Controls
4.4.5 Relationship Management 4.4.5 Relationship Management Application (RMA). 4.6.1 Relationship Management
Control: Restrict transaction Application (RMA) Application (RMA) Application (RMA)
activity to validated and
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

approved business Applicable control: RMA.01, Applicable control: RMA.01, RMA.02, Applicable control: RMA.01,
counterparties. RMA.02, RMA.03 RMA.03 RMA.02, RMA.03
4.6.2.1 Reconciliation
Applicable control: REC.01
4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
3.1. Physical Security
Environment 4.2.1 Physical Access Control 3.1.1 Physical Access Control Environment
Control: Physical security 4.2.1 Physical Access Control Applicable control: SPA.01, SPA.02, Applicable control: SPA.01, SPA.02, 4.2.1 Physical Access Control
controls are in place to Applicable control: SPA.01, SPA.02, SPA.03, SPA.04 SPA.03, Applicable control: ALS.01,
protect access to SPA.03, SPA.04 ALS.02, ALS.03, ALS.04
sensitive equipment, 4.3 Secure Local Client Environment 3.2 Secure Local Client Environment
hosting sites, and storage. 4.3 Secure Local Client 4.3 Secure Local Client
4.3.1 Physical Access Control 3.1.1 Physical Access Control
Environment
Environment Applicable control: CPS.01 Applicable control: CPS.01
4.3.1 Physical Access Control
4.3.1 Physical Access Control
Applicable control: ALP.01
Applicable control: CPS.01 4.4 Secure Local Application 3.3 Secure Local Application
Environment Environment
4.4 Secure Local Application
4.4 Secure Local Application 4.4.5 Hardware Security Module 3.3.5 PKI-based Security
Environment
Environment Applicable control: HSM.01, HSM.02, Applicable control: PKI.01, PKI.02
4.4.3 USB Token
4.4.6 Hardware Security Module HSM.03, HSM.04, HSM.05, HSM.06
Applicable control: ALT.01,
Applicable control: HSM.01, Complementary requirements:
ALT.02
HSM.02, HSM.03, HSM.04, Complementary requirements: - Security of the Workplace
4.4.4 Channel Certificate
HSM.05, HSM.06 - Security of the Workplace Environment.
Applicable control: ACC.02
Environment. - Security for Remote Workers
Complementary requirements: - Security for Remote Workers (for example, teleworkers, "on
Complementary requirements:
- Security of the Workplace (for example, teleworkers, "on call" duties).
- Security of the Workplace
Environment. call" duties). - Additional requirements on the
Environment.
- Security for Remote Workers - Additional requirements on the security of the Server
- Security for Remote Workers
(for example, teleworkers, "on security of the Server Environment.
(for example, teleworkers,
call" duties). Environment.
"on call" duties).
- Additional requirements on
- Additional requirements on
the security of the Server
the security of the Server
Environment.
Environment.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

4.1 SWIFT Security Governance 4.1 SWIFT Security Governance 3.1 Secure Local Server Environment 4.1 SWIFT Security Governance
4.1 Password Policy
4.1.1.1 SWIFTNet Security Officers 4.1.1.1 SWIFTNet Security Officers 3.1.2 Logical Access Control for Customers
Control: All application Applicable controls: CAD.03 Applicable controls: CAD.03 Applicable control: SLA.05 4.1.3 swift.com Administrators
and operating system 4.1.1.3 swift.com Administrators 4.1.1.3 swift.com Administrators Applicable controls: SCA.05
accounts enforce Applicable controls: SCA.06 Applicable controls: SCA.05 3.2 Secure Local Client Environment
passwords with 3.2.2 Logical Access Control 4.2 Secure Local Server
appropriate parameters 4.2 Secure Local Server 4.2 Secure Local Server Environment Applicable control: CLA.01 Environment
such as length, Environment 4.2.2 Logical Access Control 4.2.2 Logical Access Control
complexity, validity, and 4.2.2 Logical Access Control Applicable control: SLA.07 3.3 Secure Local Application Applicable control: SLA.07
the number of failed log- Applicable control: SLA.07 Environment
in attempts. 4.3 Secure Local Client Environment 3.3.1 Local Operator Authentication 4.4 Secure Local Application
4.3 Secure Local Client 4.3.2 Logical Access Control and Session Management Environment
Environment Applicable control: CLA.01 Applicable control: USM.01 4.4.3 USB Token
4.3.2 Logical Access Control Applicable control: ALT.04
Applicable control: CLA.01 4.4 Secure Local Application Complementary requirements: 4.4.4 Channel Certificate
Environment - Password policy established and Applicable control: ACC.01
4.4 Secure Local Application 4.4.1 Local Operator Authentication aligned to current industry
Environment and Session Management standards or industry best Complementary requirements:
4.4.1 Local Operator Applicable control: USM.01 practices and defines specified - Password policy established
Authentication and Session criteria. Good practice guidelines and aligned to current
Management Complementary requirements: provided in the TIP 5021567. industry standards or
Applicable control: LOA.02, - Password policy established and - Password policy developed in industry best practices and
LOA.03, LOA.04, AGW.02, USM.01 aligned to current industry consideration to of known defines specified criteria.
standards or industry best password-based vulnerabilities Good practice guidelines
Complementary requirements: practices and defines specified in the computing environment provided in the TIP 5021567.
- Password policy established criteria. Good practice guidelines (that is, LAN Manager password - Password policy developed in
and aligned to current industry provided in the TIP 5021567. hash). consideration to of known
standards or industry best - Password policy developed in - Effectiveness of the password password-based
practices and defines specified consideration to of known policy is reviewed at least vulnerabilities in the
criteria. Good practice password-based vulnerabilities annually. computing environment
guidelines provided in the TIP in the computing environment - Passwords for secure zone (that is, LAN Manager
5021567. systems are stored only within password hash).
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

- Password policy developed in (that is, LAN Manager password the zone as described in the - Effectiveness of the
consideration of known hash). guidance for the design of the password policy is reviewed
password-based vulnerabilities - Effectiveness of the password secure zone. at least annually.
in the computing environment policy is reviewed at least - Passwords for secure zone
(that is, LAN Manage annually. systems are stored only
password hash). - Passwords for secure zone within the zone as described
- Effectiveness of the password systems are stored only within in the guidance for the
policy is reviewed at least the zone as described in the design of the secure zone.
annually. guidance for the design of the
- Passwords for secure zone secure zone.
systems are stored only within
the zone as described in the
guidance for the design of the
secure zone.

4.2 Secure Local Server 4.2 Secure Local Server Environment 3.3 Secure Local Application 4.2 Secure Local Server
4.2. Multi-factor
Environment 4.2.2 Logical Access Control Environment Environment
Authentication
4.2.2 Logical Access Control Applicable control: SLA.04 3.3.1 Local Operator Authentication 4.2.2 Logical Access Control
Control: Multi-factor Applicable control: SLA.04 and Session Management Applicable control: SLA.04
authentication is used for 4.4 Secure Local Application Applicable control: USM.02
interactive user access to 4.4 Secure Local Application Environment Complementary requirements:
SWIFT-related Environment 4.4.1 Local Operator Authentication Complementary requirements: - Multi-factor authentication
applications and 4.4.1 Local Operator and Session Management - Multi-factor authentication with with Operator PC.
operating system Authentication and Session Applicable control: USM.02 Operator PC and to jump server. - Prioritised order for
accounts. Management - Prioritised order for implementing multi-factor
Applicable control: USM.02 Complementary requirements: implementing multi-factor authentication for OS admin
- Multi-factor authentication with authentication for OS admin and end-users.
Complementary requirements: Operator PC and to jump server. and end-users. - Multi-factor authentication
- Multi-factor authentication - Prioritised order for - Multi-factor authentication implemented for remote
with Operator PC and to jump implementing multi-factor implemented for remote user user administrative access.
server. authentication for OS admin and administrative access.
- Prioritised order for end-users.
implementing multi-factor
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

authentication for OS admin - Multi-factor authentication


and end-users. implemented for remote user
- Multi-factor authentication administrative access.
implemented for remote user
administrative access

4.1 SWIFT Security Governance 4.1 SWIFT Security Governance 3.1 Secure Local Server Environment 4.1 SWIFT Security Governance
5.1. Logical Access
4.1.1 .1 SWIFTNet Security Officers 4.1.1 .1 SWIFTNet Security Officers 3.1.2 Logical Access Control for Customers
Control
Applicable controls: SSO.01, Applicable controls: SSO.01, SSO.02, Applicable control: SLA.04, SLA.06, 4.1.1 Alliance Lite2 Customer
Control: Accounts are
SSO.02, SSO.03, SSO.04, SSO.05, SSO.03, SSO.04, SSO.05, CAD.01, SLA.07 Security Officer
defined according to the
CAD.01, CAD.02, CAD.04 CAD.02, CAD.04 Applicable controls: ALG.01,
security principles of 4.1.1.2 Alliance Security Officers 4.1.1.2 Customer Managed Interface 3.2 Secure Local Client Environment ALG.02, ALG.03, ALG.04, ALQ.01,
need-to-know access, Applicable controls: ASO.01. Security Officers 3.2.2 Logical Access Control ALQ.02, ALQ.03
least privilege, and ASO.02, ASO.03, ASO.04 Applicable controls: ASO.02, ASO.03, Applicable control: CLA.02 4.1.3 swift.com Administrators
segregation of duties. 4.1.1.3 swift.com Administrators ASO.04 Applicable controls: SCA.01,
Applicable controls: SCA.01, 4.1.1.3 swift.com Administrators 3.3 Secure Local Application SCA.02, SCA.03, SCA.04, SCA.06
SCA.02, SAC.03, SCA.04, SCA.05, Applicable controls: SCA.01, SCA.02, Environment
4.2 Secure Local Server
ASO.01 SAC.03, SCA.04, SCA.06 3.3.2 Authorisation Schemes
Environment
4.1.1.4 Business Officers 4.1.1.4 Business Officers Applicable control: AAS.01, AAS.02,
4.2.2 Logical Access Control
Applicable Control: SBO.01 Applicable Control: SBO.01 AAS.03
Applicable control: SLA.08
4.2 Secure Local Server 4.2 Secure Local Server Environment 4.3 Secure Local Client
Environment 4.2.2 Logical Access Control Environment
4.2.2 Logical Access Control Applicable control: SLA.08, SLA.09 4.3.2 Logical Access Control
Applicable control: SLA.08, SLA.09 Applicable control: ALL.01
4.3 Secure Local Client Environment
4.3 Secure Local Client 4.3.2 Logical Access Control 4.4 Secure Local Application
Environment Applicable control: CLA.02 Environment
4.3.2 Logical Access Control 4.4.1 Logical Access Control
Applicable control: CLA.02 4.4 Secure Local Application Applicable control: ALC.01,
Environment ALC.02, ALC.03, ALC.04, ALC.05,
4.4 Secure Local Application 4.4.2 Authorisation Schemes ALC.06
Environment
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

4.4.2 Authorisation Schemes Applicable control: AAS.01, AAS.02,


Applicable control: AAS.01, AAS.02, AAS.03, AAS.04, AAS.05, AAS.06,
AAS.03, AAS.04, AAS.05, AAS.06, AAS.07
AAS.07, AAS.08 4.4.6 Hardware Security Module
4.4.6 Hardware Security Module Applicable control: HSM.08, HSM.09
Applicable control: HSM.08,
HSM.09

4.4 Secure Local Application 4.4 Secure Local Application 3.3 Secure Local Application 4.4 Secure Local Application
5.2. Token Management
Environment Environment Environment Environment
Control: Connected
4.4.6 Hardware Security Module 4.4.6 Hardware Security Module 3.3.5 PKI-based Security 4.4.3 USB Token
hardware authentication
Applicable control: HSM.07 Applicable control: HSM.01, HSM.02, Applicable control: PKI.01, PKI.03 Applicable control: ALT.03
tokens are managed HSM.03, HSM.04, HSM.05, HSM.06,
appropriately during Complementary requirements: HSM.07 Complementary requirements: Complementary requirements:
issuance, revocation, use, - Enhanced the scope - Enhanced the scope (connected - A record is maintained of
and storage. (connected hardware Complementary requirements: hardware authentication tokens hardware token ownership.
authentication tokens used for - Enhanced the scope (connected used for SWIFT operations )
SWIFT operations). hardware authentication tokens - A record is maintained of
- A record is maintained of used for SWIFT operations) hardware token ownership.
hardware token ownership. - A record is maintained of
hardware token ownership.

4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
5.3A. Personnel Vetting
Environment 4.2.2 Logical Access Control 3.1.2 Logical Access Control Environment
Process
4.2.2 Logical Access Control Applicable control: SLA.01 Applicable control: SLA.01 4.2.2 Logical Access Control
Control: Staff operating Applicable control: SLA.01 Applicable control: SLA.01
the local SWIFT Complementary requirements: Complementary requirements:
infrastructure are vetted Complementary requirements: - Personnel Vetting Process. - Personnel Vetting Process. Complementary requirements:
prior to initial - Personnel Vetting Process. - Personnel Vetting Process.
employment in that role
and periodically
thereafter.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

New security requirement.


5.4. Physical and Logical
Password Storage
Control: Any recorded
passwords for privileged
accounts are stored in a
protected physical or
logical location, with
access restricted on a
need-to-know basis.
4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
6.1. Malware Protection
Environment 4.2.6 Security Software 3.1.6 Security Software Environment
Control: Anti-malware 4.2.6 Security Software Applicable control: IDS.01, IDS.02 Applicable control: IDS.01 4.2.6 Security Software
software from a Applicable control: IDS.01 Applicable control: IDS.01
reputable vendor is 4.3 Secure Local Client Environment 3.2 Secure Local Client Environment
installed and kept up-to- 4.3 Secure Local Client 4.3.4 Anti-virus and Anti-malware 3.2.5 Anti-virus and Anti-malware 4.3 Secure Local Client
date on all systems. Environment Services Services Environment
4.3.4 Anti-virus and Anti-malware Applicable control: CAV.01 Applicable control: CAV.01 4.3.3 Anti-virus and Anti-malware
Services Services
Applicable control: CAV.01 Complementary requirements: Complementary requirements: Applicable control: ALM.01
- Anti-malware software from a - Anti-malware software from a
Complementary requirements: reputable vendor is installed on reputable vendor is installed on
Complementary requirements:
- Anti-malware software from a all computing platforms and all computing platforms and
- Anti-malware software from
reputable vendor is installed updated daily. updated daily.
a reputable vendor is
on all computing platforms - Ensure that the transfer of any - Ensure that the transfer of any
installed on all computing
and updated daily. file content does not contain any file content does not contain any
platforms and updated daily.
- Ensure that the transfer of any kind of virus or other data that kind of virus or other data that
file content does not contain may create risks for the sender, may create risks for the sender,
any kind of virus or other data for SWIFT, or for the receiver. for SWIFT, or for the receiver.
that may create risks for the
sender, for SWIFT, or for the
receiver.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

4.4 Secure Local Application 4.4 Secure Local Application 3.3 Secure Local Application New security requirement.
6.2 Software Integrity
Environment Environment Environment
Control: A software
4.4.4 Integrity and Authentication 4.4.4 Integrity and Authentication 3.3.4 Integrity Mechanisms
integrity check is
Applicable control: SWI.01, SWI.02, Applicable control: SWI.01, SWI.03 Applicable control: SWI.01, SWI.02,
performed at regular SWI.03 SWI.03
intervals on messaging Complementary requirements:
interface, communication Complementary requirements: - Scope enlarged with stand-alone
interface, and other - Scope enlarged with stand- RMA application and SNL.
SWIFT-related alone RMA application and
applications. SNL.

4.4 Secure Local Application 4.4 Secure Local Application 3.3 Secure Local Application Not applicable.
6.3 Database Integrity
Environment Environment Environment
Control: A database 4.4.4 Integrity and Authentication 4.4.4 Integrity and Authentication 3.3.4 Integrity Mechanisms
integrity check is Applicable control: DBI.01 Applicable control: DBI.01 Applicable control: DBI.01
performed at regular
intervals on databases
that record SWIFT
transactions.

4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.1 SWIFT Security Governance
6.4 Logging and
Environment 4.2.2 Logical Access Control 3.1.3 Operating System Activity for Customers
Monitoring
4.2.2 Logical Access Control Applicable control: SLA.06, SLA.12 Logging 4.1.1 Alliance Lite2 Customer
Control: Capabilities to Applicable control: SLA.06, SLA.12 4.2.3 Operating System Activity Applicable control: SLG.01, SLG.02, Security Officer
detect anomalous activity 4.2.3 Operating System Activity Logging SLG.03, SLG.04 Applicable controls: ALQ.04,
are implemented, and a Logging Applicable control: SLG.01, SLG.02, ALQ.05
process or tool is in place Applicable control: SLG.01, SLG.02, SLG.03, SLG.04 3.3 Secure Local Application
to frequently store and SLG.03, SLG.04 Environment 4.2 Secure Local Server
review logs. 4.3 Secure Local Client Environment 3.3. Auditing and Monitoring Environment
4.3 Secure Local Client
4.3.2 Logical Access Control Applicable control: ALG.01, ALG.02, 4.2.3 Operating System Activity
Environment
Applicable control: CLA.05 ALG.03, ALG.04 Logging
4.3.2 Logical Access Control
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

Applicable control: CLA.05 4.4 Secure Local Application 3.4 Local Network Security Applicable control: SLG.01,
Environment 3.4.2 Network Segregation SLG.02, SLG.03, SLG.04
4.4 Secure Local Application
4.4.8 Auditing and Monitoring Applicable control: NET.08
Environment
Applicable control: ALG.01, ALG.02, 4.4 Secure Local Application
4.4.2 Authorisation Schemes
ALG.03, ALG.04, ALG.05 Complementary requirements: Environment
Applicable control: AAS.07,
- Enhanced the scope (data 4.4.5 Auditing and Monitoring
4.4.8 Auditing and Monitoring
4.5 Local Network Security exchange layer:network, Applicable control: ALA.01,
Applicable control: ALG.01, ALG.02,
4.5.2 Network Segregation database, all server applications ALA.02, ALA.03
ALG.03, ALG.04, ALG.05
Applicable control: NET.08 and OS).
4.5 Local Network Security - Retention period of the audit
4.5.2 Network Segregation 4.5 Local Network Security
Complementary requirements: logs.
Applicable control: NET.09 4.5.2 Network Segregation
- Enhanced the scope (data - Types of log files to collect and
Applicable control: ALN.07
Complementary requirements: exchange layer:network, monitor.
- Enhanced the scope (data database, all server applications
Complementary requirements:
exchange layer:network, and OS).
- Enhanced the scope (data
database, all server - Retention period of the audit
exchange layer:network,
applications and OS). logs.
database, all server
- Retention period of audit logs. - Types of log files to collect and
applications and OS).
- Types of log files to collect monitor.
- Retention period of the
and monitor. audit logs.
- Types of log files to collect
and monitor.

4.5 Local Network Security 4.5 Local Network Security 3.1 Secure Local Server Environment 4.2 Secure Local Server
6.5A Intrusion Detection
4.5.4 Network Intrusion Detection 4.5.4 Network Intrusion Detection 3.1.2 Logical Access Control Environment
Control: Intrusion Systems Systems Applicable control: IDS.01 4.2.6 Security Software
detection is implemented Applicable control: NID.01 Applicable control: NID.01 Applicable control: IDS.01
to detect unauthorised
network access and
anomalous activity.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

4.6 Other Security 4.6 Other Security 3.5 Other Security 4.6 Other Security
7.1. Cyber Incident
Recommendations Recommendations Recommendations Recommendations
Response Planning
4.6.2 Backup and Resilience 4.6.2 Backup and Resilience 3.5.2 Backup and Resilience 4.6.3 Resilience and Backup
Control: The organisation
Applicable control: SBS.01, SBS.02, Applicable control: SBS.01, SBS.02, Applicable control: SBS.01, SBS.02, Applicable control: SBS.01,
has a defined and tested
SBS.03 SBS.03 SBS.03 SBS.03
cyber incident response 4.6.4 Incident Management 4.6.4 Incident Management 3.5.4 Incident Management 4.6.5 Incident Management
plan. Applicable control: IMA.01, IMA.02 Applicable control: IMA.01, IMA.02 Applicable control: IMA.01, IMA.02 Applicable control: IMA.01,
IMA.02
Complementary requirements: Complementary requirements: Complementary requirements:
- The organisation has a - The organisation has a defined - The organisation has a defined Complementary requirements:
defined cyber incident cyber incident response plan cyber incident response plan - The organisation has a
response plan which is which is reviewed on annual which is reviewed on annual defined cyber incident
reviewed on annual basis, and basis, and tested at least every basis, and tested at least every response plan which is
tested at least every two two year. two year. reviewed on annual basis,
years. - Provided steps to be included in - Provided steps to be included in and tested at least every two
- Provided steps to be included the plan in case of cyber the plan in case of cyber year.
in the plan in case of cyber incidents that compromise the incidents that compromise the - Provided steps to be
incidents that compromise confidentiality, integrity, or confidentiality, integrity, or included in the plan in case
the confidentiality, integrity, availability of SWIFT services availability of SWIFT services of cyber incidents that
or availability of SWIFT and products. and products. compromise the
services and products. - The organisation has a - The organisation has a confidentiality, integrity, or
- The organisation has a documented plan for the timely documented plan for the timely availability of SWIFT services
documented plan for the sharing of threat information to sharing of threat information to and products.
timely sharing of threat intelligence-sharing intelligence-sharing - The organisation has a
information to intelligence- organisations, law organisations, law documented plan for the
sharing organisations, law enforcement/local regulators (as enforcement/local regulators timely sharing of threat
enforcement/local regulators required in each customers' (as required in each customers' information to intelligence-
(as required in each jurisdiction), and to SWIFT. jurisdiction), and to SWIFT. sharing organisations, law
customers' jurisdiction), and - The organisation has the - The organisation has the enforcement/local
to SWIFT. capability to consume threat capability to consume threat regulators (as required in
intelligence shared by SWIFT. intelligence shared by SWIFT. each customers'
jurisdiction), and to SWIFT.
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

- The organisation has the - The organisation has the


capability to consume threat capability to consume threat
intelligence shared by SWIFT. intelligence shared by
SWIFT.
4.2 Secure Local Server 4.2 Secure Local Server Environment 3.1 Secure Local Server Environment 4.2 Secure Local Server
7.2. Security Training
Environment 4.2.2 Logical Access Control 3.1.2 Logical Access Control Environment
and Awareness
4.2.2 Logical Access Control Applicable control: SLA.02, SLA.05 Applicable control: SLA.02, SLA.03 4.2.2 Logical Access Control
Control: Annual security
Applicable control: SLA.02, SLA.05 Applicable control: SLA.02,
awareness sessions are
4.3 Secure Local Client Environment 3.2 Secure Local Client Environment SLA.05
conducted for all staff 4.6 Other Security 4.3.6 Secure Browsing 3.2.4 Secure Browsing
members, including role- Recommendations Applicable control: SBR.02, SBR.03 Applicable control: CSB.01 4.3 Secure Local Client
specific training for SWIFT 4.6.3 User Security Awareness Environment
roles with privileged Applicable control: UAW.01 4.6 Other Security 3.5 Other Security 4.3.5 Secure Browsing
access. Recommendations Recommendations Applicable control: ALB.01
Complementary requirements: 4.6.3 User Security Awareness 3.5.3 User Security Awareness
- Frequency of the training and Applicable control: UAW.01 Applicable control: UAW.01 4.6 Other Security
security awareness sessions. Recommendations
Complementary requirements: Complementary requirements: 4.6.4 User Security Awareness
- Frequency of the training and - Frequency of the training and Applicable control: UAW.01
security awareness sessions. security awareness sessions.
Complementary requirements:
- Frequency of the training
and security awareness
sessions.

New security requirement.


7.3A. Penetration Testing
Control: Application,
host, and network
penetration testing is
conducted within the
SWIFT Security Control Alliance Security Guidance Certified Customer Managed Alliance Remote Gateway Security Alliance Lite2 Security Guidance
Interface Security Guidance Guidance

secure zone and on user


PCs.

New security requirement.


7.4A. Scenario Risk
Assessments
Control: Scenario-driven
risk assessments are
conducted regularly to
improve incident
response preparedness
and to increase the
maturity of the
organisation’s security
programme.
Legal Notices
Copyright
SWIFT © 2019. All rights reserved.

Restricted Distribution

Do not distribute this publication outside your organisation unless your subscription or order expressly grants you that right, in which case ensure you comply with any other
applicable conditions.

Translations
The English version of SWIFT documentation is the only official and binding version.

Disclaimer
SWIFT supplies this publication for information purposes only. The information in this publication may change from time to time. You must always refer to the latest available
version.

Trademarks
SWIFT is the trade name of S.W.I.F.T. SCRL. The following are registered trademarks of SWIFT: the SWIFT logo, SWIFT, SWIFTNet, Accord, Sibos, 3SKey, Innotribe, the
Standards Forum logo, MyStandards, and SWIFT Institute. Other product, service, or company names in this publication are trade names, trademarks, or registered
trademarks of their respective owners.

You might also like