Privileged Access
Management for Bank of
Communications Data Center

Customer introduction

  • Bank of Communications is one of the five largest state-owned banks with business outlets all over the country.
  • headquartered in Shanghai, its data center supports core businesses such as Bank of Communications' domestic and overseas branches, funds, and offshore finance, concluding system department, security department, business department, and a large number of users of maintenance vendors.
  • More than 4000 servers, and about 80,000 privileged accounts.

Business Challenges

  • Large number of servers, involving complicated accounts, and it is difficult to manage the entire life cycle of accounts.

  • Lack of a unified management system for privileged account Account collection, account statistics, account classification, account authorization by excel data sheet.

  • Scans all distributed networks and discovers both local an domain accounts. All relevant privileged account information is retrieved , such as UID, main group, directory permissions, ssh, telnet, ftp, rlogin, locked, etc.

  • Lack of automatic detection of account profile , account permissions, and notifications. Lack of account-related audits.

Project scope

Solution -system architecture


  • Provide a unified account management platform to reduce the difficulty of account life-cycle management.

  • Automate account classification to solve the status of difficulty in account classification.

  • Provide permission change and authorization to improve system administrator efficiency.

  • It realizes a seamless connection with CMDB, IBM cloud service platform and bastion machine platform, realizes unified asset management, and defines standard management processes for later asset management.

  • Provide account statistics, authority statistics, change statistics, and other related audits.

  • Automatically scan the account's own permission statistics view, such as UID, main group, directory permissions, ssh, telnet, ftp, rlogin, locked, etc., to provide account permission attempts.

We Are Listening to Your Demand

  • Name
  • E-mail
  • Phone
  • District
  • Company
  • Demand

© 2020 Paraview Software. All rights reserved.