Close

Customer Case Study: BayPort Credit Union

Credit Union (serving nearly 148,000 members) Bayport Credit Union using PKI Spotlight to monitor security system protecting organization against cyberattacks and to demonstrate compliance during audits.

Download this Case Study
Schedule a Demo

Business Challenge

Protecting BayPort Credit Union from ransomware attacks, data breaches, and other cyberattacks were some of the top business challenges the credit union wanted to address when they contacted PKI Solutions, according to Scott Fales, principal network engineer at BayPort Credit Union. BayPort’s IT team wanted to improve the organization’s overall security systems to protect the important financial data of the credit union and their customers as part of the company’s overall mission to develop the long-term prosperity for its communities and support its members’ financial well-being.

The credit union also needed detailed reports to demonstrate compliance and operational resilience of all identity and data encryption systems during the periodic financial audits that are common in the banking industry.

In addition, now that BayPort Credit Union has rolled out new Interactive Teller Machines (ITMs) to replace its current network of ATMs, the need for highly secure traffic between the ITMs and the central server is more critical than ever before. All of the credit union’s ATMs/ITMs need to have assigned certificates and those ATMs/ITMs have to trust the central ATM/ITM server. These certificates, which need to be carefully monitored, are used to encrypt traffic between the ATMs/ITMs and the credit union’s main banking system. Those reports on the PKI environment are important to the day-to-day business of the bank.

“Our new ITMs include more functionality and feature video screens which allow users to talk with someone back at our call center. These new features make the use of ITMs even more critical now that customers can do even more types of transactions through the ITMs. This means that BayPort must ensure that we have highly secure communications between the ITMs and our central server to protect our customers’ data and privacy. That’s an area where the team at PKI Solutions and PKI Spotlight have provided value as well,” said Fales.

PKI is becoming a requirement for every piece of software. For example, we need to have certificates installed on the server for all of our internal applications. All of our firewall traffic has to have certificates now to be able to decrypt and monitor traffic so that we can check it before it gets to the end user. The certificates in the PKI are only becoming more widespread over time as more and more certificates are required everywhere.

Scott FalesPrincipal Network Engineer

Solution Overview

PKI Solutions recently worked with BayPort Credit Union to update their PKI environment and also introduced Fales to PKI Spotlight, the industry’s first and only solution that provides real-time monitoring and alerting of the availability, configuration, and security of all of organizations’ PKI environments – all consolidated into one easy-to-use dashboard.

Fales credits PKI Solutions’ work with BayPort in 2015 for the design and implementation of their original Public Key Infrastructure (PKI) as being a foundational first step in building the integrity of the credit union’s overall security and business operations. In 2021, he reached out to the PKI Solutions team again to help him manage an upgrade of BayPort’s PKI servers.

“When we stood up our first PKI server a few years ago, we worked with PKI Solutions because Mark Cooper and his team are the best at what they do,” said Fales. “Last year, we did a refresh on our PKI server and we obviously wanted PKI Solutions to manage that project again. When Mark told me about their new PKI Spotlight product, I was excited to learn more about it. I was particularly interested in its monitoring, alerting, and reporting capabilities because of our auditing process.”

Since BayPort’s IT team is stretched thin, Fales explained that he typically likes to work with leading technology vendors and expert consultants to help manage his organization’s security systems. “Not only do we get excellent strategic advice from PKI Solutions, but they’ve also introduced us to innovative products that can really help us out,” Fales said. “I think PKI Spotlight will be incredibly helpful to my organization by streamlining and automating a lot of our processes. We’re using PKI Spotlight in a ‘fire and forget’ scenario because I can trust it to hum along and every once in a while I’ll log in and look it. I know that I don’t need to worry about anything since PKI Spotlight’s monitoring and alerting functions will send me an email alert if something goes down in our system.”

According to Fales, PKI Spotlight gives him better peace of mind. “I want to know that everything is good and the system is healthy,” said Fales. “The reporting capability of PKI Spotlight is excellent and provides us with valuable compliance and governance reports that we can give to our auditors whenever we need them. Operational availability is a key part of the audit so I’ll have the reports that show that straight out of the system.”

Key Deliverables

  • Designed a PKI architecture as a foundational part of the organization’s cybersecurity infrastructure
  • Installed PKI Spotlight for ongoing monitoring and alerting within their PKI environment

Outcome

  • Updated PKI environment specifically designed and deployed to support the security, privacy, and business requirements of BayPort Credit Union
  • Implemented PKI Spotlight to provide real-time monitoring and alerting of the availability, configuration, and security of the organization’s PKI environment

Results

BayPort Credit Union is now more confident in their overall PKI infrastructure and the security of all of their organization’s identity and encryption systems thanks to their recent implementation of PKI Spotlight along with the strategic advisory and deployment services provided by PKI Solutions.

“PKI Solutions’ product support team was very easy to work with and they did a great job with the rollout of PKI Spotlight. The installation of PKI Spotlight went smoothly. Most importantly, I was able to install the latest upgrade by myself. The install was easy and didn’t suck up a lot of my time,” said Fales.

“We’ve been very pleased working with PKI Solutions because we know that we’re getting the best-in-class PKI expertise. PKI Spotlight is an important addition to our portfolio of products and gives us productivity gains together with peace of mind that our PKI systems are available and functional, and any service that relies on our PKI is operating smoothly and securely,” said Fales. “We expect our reliance on our PKI environment to increase over time and having a product like PKI Spotlight means that we can reliably execute on initiatives that continue to improve our security posture.” Since PKI is a foundational technology for almost every identity and data encryption solution used throughout the world, Fales believes that PKI is getting more important as time goes on.

  • Get to Know PKI Spotlight!

    Schedule a demo with our PKI experts to learn how PKI Spotlight addresses the most common challenges faced by our customers. 

    By the end of your call, you’ll have a clear understanding of how PKI Spotlight will improve your operational resilience, security posture, threat detection, and best-practice capabilities.

    Topics we will cover:

    • How the real-time aggregation engine works to process information from PKI roles such as CAs, CRL distribution points, Hardware Security Modules, and more.
    • How to set up monitoring and alerting rules so that you, your teams, and stakeholders can get notified on changes, failures, and even pre-failure states.
    • How to use config explorer to get insights into PKI configurations such as CA permissions, revocations, and crypto modules.
    • How you can use time-based filtering to keep track of trends and establish behavioral baselines.
    Schedule Demo Here