Customer cases

A major French banking group called on SYSTEMIS to help them secure their web applications. This initiative aimed to define security standards in web development. The mission of SYSTEMIS was articulated around two axes:

• Raise developers’ awareness of security best practices,
• Ensure that teams systematically include ISS in projects.
• Significantly improve the security of web applications,
• Take safety into account at the design stage, be proactive,
• Systematize the safety improvement approach in projects,
• Limit the risk of intrusion on the CI/CD chain.

As a result, the group has seen a reduction in the number of vulnerabilities discovered by penetration testing. The project teams have been made aware of security and have since asked for help from the SSI.

On behalf of a large international banking group, SYSTEMIS carried out an IAM globalization mission for the Assets part. SYSTEMIS had to respond to two challenges from the customer:

• Definition of the target model for the Assets in the CIB tool,
• Rationalization and harmonization of the existing system in accordance with the definition of the target model for asset management in the CIB IAM tool.

To do this, SYSTEMIS has carried out the target model for the asset management of the redesign of the onboarding procedure in compliance with the customer’s requirements, in terms of security policies in place, while involving all internal and external stakeholders. We also advised them on remediation and follow-up action plans.

SYSTEMIS was able to support a leading telephone operator for a mission of security governance and assistance to the head of Information Systems Security in several areas:

• Improved processes for integrating security into product projects and operator service platforms,
• Industrialization and rationalization of ISP processes; responses to calls for tender,
• Participation in the drafting of specifications with the integration of security requirements in the projects,
• Assistance to the project owner and project management for the implementation of security measures,
• Increased competence of the security governance team,
• Setting up of the safety committee,
• Production of activity and risk monitoring indicators.

With this support from our experts, the group was able to set up a process to evaluate the ISS maturity of the various projects. A risk analysis method has also been implemented and summary materials have been redesigned. SYSTEMIS also helped the customer to redesign the transversal processes of project monitoring and to integrate the operator’s business roles into the IAM tool and the management of authorizations.

A major French and international air transport company called on our expertise to help them raise the security level of their endpoints (workstations and servers). To do this, SYSTEMIS has responded to several challenges of the customer:

• Raising the customer’s security maturity level by meeting the expressed security requirements,
• International framework,
• Multi-business: onboarding of all the client’s businesses,
• Implementation of an EDR (Endpoint, Detection & Response).

Thanks to this initiative, SYSTEMIS has completed the deployment of the new workstations. We worked in complete autonomy on the mission with the confidence of the group’s management. We accompanied and advised them on remediation and action plan follow-ups. Finally, SYSTEMIS was able to set up an EDR for the group while respecting its requirements.