PETRA SIGN
Petra Sign is a web-based database privilege solution that combines an electronic approval system and
a database access control solution, and complies with the Regulation on Supervision of Electronic Financial
Transactions essential for companies handling computerized ledgers.
Petra Sign can automatically generate database access and SQL execution privilege policies based
on the user’s request and the administrator’s approval. It increases work efficiency and effectively
manages and protects data through privilege
Moreover, Petra Sign ensures effective security management while complying with the
principle of least privilege and separation of duties, as well as preventing incidents that can lead to
data leakage, exposure, and falsification from work errors and mistakes by the security administrator.
Related Legislations & Compliance
| Regulation on Supervision of Electronic Financial Transactions | |
|---|---|
| Article 27 (Control of Computerized Ledger) |
①A financial institution or electronic financial business entity must establish and manage a separate modification procedure to modify the computerized ledger due to faults or errors. ②The procedure pursuant to paragraph (1) must include items subject to modification, methods, designation of authorized modifier, automatic recording and retention of before and after the modification, and confirmation with a third party on the legitimacy of the modified details. ③A finance company or electronic financial business entity must regularly check the computerized system to check the consistency between amounts in important documents such as balance sheets and amounts in computerized ledger files. ④Where any inconsistency is discovered pursuant to paragraph (3), the finance company or electronic financial business entity must retain the cause and actions taken in an electronic file for five (5) years. ⑤A finance company or electronic financial business entity must record the worker and work details and retain them for five (5) years if the important ledger of the users was directly accessed to inquire, edit, delete, or add an important ledger. |
| Article 28 (Transaction Control) |
① A finance company or electronic financial business entity must be able to double-check using a computerized system for transactions with high risks, such as handling as a transition requiring approval from the responsible person. ② A finance company or electronic financial business entity must allow the responsible person to double-check when performing important tasks in the information processing system where computerized ledgers, important information, or user information are stored. |
Key Features
Electronic approval system
- Shows the authorization status (approved or rejected) in real-time
- Provides various approval functions including settings for approval, pre-approval, approval by a backup, and approval when absent
- Provides a function to directly configure the approval line
- Provides a function to designate personnel to the approval line by the user, organization, and roles
Various forms of request for privilege
- Provides privilege request forms for database access, SQL execution, unmasking queries, and user registration
Database data change request
- Can check the number of data before and after changes and view data
- Provides a function to change the ledger appropriate to the compliance of the Financial Supervisory Service
Linkage and customizing
- ITMS linkages such as account management solution of the current account, verification, notification, and electronic approval system
- Provides a function to customize appropriately to the work environment
Strengths
-
Ensures stable processing when changing sensitive data
- Ensures stable processing by directly executing approved SQL in the product when there are changes in sensitive data
-
Inquiry of privilege status in real-time
- Can view privilege requests and approvals in real-time
- Enables management of administrator privilege to check and retrieve permissions granted to users
Petra Sign Configuration Diagram
