Watch the full video review here
What is most valuable?
We are using the IDM solution for customer identification and authorization. We just started the project about a year ago. We have already implemented IDM on our website and our mobile applications. So far it's looking good. It's an interesting question because what we are getting back from our customers, they're quite afraid of what's happening because we have actually gone down from three identifiers on our website to two. In our mobile applications, we are now enabling one identifier and we have just implemented fingerprint recognition. Our customers were calling us and asking "look we are seeing cyber attacks happening, identification being stolen all over the world. How are you actually going down and using only this parameters for identification?"
I think that the CA product enables us to do that. Get more security with lesser need of user identification.
What needs improvement?
There are actually quite a few nice things on the CA roadmap in the future. I think to have ability to enable our customers to have different roles, because we have customers that they can be a private customer, they can be part of an organization or a corporation and they need to have different roles. I think that's still something we will see in the future. We have some basic product to do that and we are starting to implement it but it will take us some time to get there.
What do I think about the stability of the solution?
It was a journey because when we started the project, we had trouble. We couldn't get the system easily installed, up and running but over the time we installed a different project from CA. Which is called Wiley [CA APM] which really enabled us to get things smooth, up and running and for the past 6 months we haven't had any defaults in the system.
What do I think about the scalability of the solution?
We started off with 10,000 customers on system, it looked good. Now we have about 1.6 million customers on the system, no problems at all.
How are customer service and technical support?
We had a technical support locally in Israel from CA but we were referred to CA Laboratories Worldwide. We had good support from them.
Which solution did I use previously and why did I switch?
Cyber security in these days is a very important issue as we all know. We had an old system, we saw that we cannot move ourselves into the digital age, the banking digital age, without a robust system that will enable us the capabilities we needed. We started looking around for a new platform quickly. We sorted out that CA's the best product for us and that is really the product we are based on to do our digital transformation in our bank.
How was the initial setup?
Since we are discussing a very vulnerable system which would actually be the front-end for our customers, at the end of the day. We had to take it really slow and we got the system up and running, co-existing with our old system. We did a lot of tests, we had, as I said before, a few customers on the system before we actually started to deploy. It took us about 8 months to get things up and running smoothly. Then we had the confidence to really migrate our customers to the new system.
Which other solutions did I evaluate?
We have long, long list of parameters that we, of course, check. It's about 5 pages of criteria and of course robustness, the ability to go forwards as a system over long years. Transforming to such a system is a very long process. We want to have a system that can be up with us for at least 10 to 15 years. We checked it quite thoroughly, we of course talked to other organizations that had the system. We think we had made a good decision.
What other advice do I have?
As it looks for now, it looks as an 8/10. I believe that it can go up to 9 and 10 in the future. I think that stability issues in the beginning of the process are a major thing. Getting the system up and running smoothly took us quite a few months. The main area would be the security area of course. Even our own employees, for example, cannot see customer data on the system. It's all encrypted so we don't see passwords, we have limited viewability of what's happening on the system in the security areas. I think that the system that's built to disable our own employees from data leak prevention aspects, almost unable entirely to take our data out of the system and share it with someone. That's a main factor having a security system in our organization.