Company Overview

CSE is a digital innovation center that provides end-to-end solutions and services to about 150 customers, including credit institutions and financial intermediaries, who manage more than €345 billion in assets.

With constant attention to innovation, CSE has developed services not only for its core customer base of banking institutions, but also for securities investment firms, asset management companies, other financial services providers, and branches of foreign banks. "We provide comprehensive outsourcing services, with customers relying on us to manage hardware and software, resource optimization, and database access,” explains Alberto Todeschi, Head of Mainframe System Programming at CSE. “Typically, our customers do not have their own data center."

The Challenge

Today's consumers expect financial services to run 24 hours a day. For example, credit card payments must always work and customer service must always be available. The nonstop environment, and the digitalization of every aspect of it creates an ever-increasing mass of data to manage.

Massimiliano Giberti, Head of Mainframe Change Management at CSE, says, "As an outsourcing company, we have to anticipate market demands. Banking is notoriously based on the availability, confidentiality, and integrity of data, and to all this you must add resilience and business continuity.”

In addition to ensuring data integrity, CSE must ensure that it can demonstrate compliance with regulations such as the Digital Operational Resilience Act (DORA) and the Payment Card Industry Data Security Standard (PCI DSS).

With a view to offering guaranteed availability and responsiveness of banking applications at the lowest possible cost, CSE has constantly strengthened its partnership with BMC.

The Solution

CSE has used BMC AMI Ops, BMC AMI Data, and BMC AMI Recovery for several years. More recently, it added BMC AMI Security Reset Password and BMC AMI DevX Code Pipeline, working with BMC to get both solutions operational within 12 months—which allowed CSE to avoid the high renewal costs of its previous CI/CD tool.

CSE uses BMC AMI Recovery for Db2^® to support compliance with the new DORA regulations in effect from 2025, which require a very short recovery time objective (RTO). This means that in the event of an attack that disrupts the usability of applications, data, or systems, the organization will need to ensure that business-critical services are restarted quickly. "It is very important for us to rely on a commercial solution for these activities," says Todeschi. "The issue is extremely delicate and, for this reason, we prefer to rely on IT solutions developed by specialists in the field. Thanks to the adoption of BMC AMI Recovery for Db2^®, we have met the new specifications of the DORA regulation enforced from 17 January 2025. In this regard, we have solid reports that show we are able to meet and guarantee the required recovery time of business-critical services."

In addition, the new Universal Table Spaces (UTS) architecture developed by IBM^® for Db2^® allows for a much more efficient and cost-effective use of storage resources. CSE currently has 400,000 tables in production, so the migration to the new UTS architecture was essential. Migrating to this architecture also has a major impact on backup and recovery, which cannot be managed with a traditional solution that would require a very large number of virtual tape volumes to host copies of the data. With the adoption of the BMC AMI Copy utility, CSE has successfully and effectively dealt with this migration.

CSE also adopted the BMC AMI Security Self-Service Password Reset (SSPR) solution to simplify the password change process. This tool provides an efficient workflow for users to self-reset lost or expired passwords, eliminating the need to contact security administrators. "Thanks to the BMC AMI SSPR solution, customized by BMC according to our needs, our Resource Access Control Facility (RACF) administrators can now focus on higher-value activities," says Stefano Sidoli, the RACF service’s Head of Mainframe Security. "We are very pleased with the product for its contribution to security, protection and productivity."

By replacing its previous solution for source code management with BMC AMI DevX Code Pipeline, CSE created a software factory approach that allows greater flexibility in software development. Responsiveness is fundamental for CSE, and the company’s developers now use intuitive features in BMC AMI DevX Code Pipeline to quickly deploy code or revert to a previous state. In addition, administrators use the solution to more easily manage and introduce additional custom features, such as extended controls, governance constraints, and testing in custom sandbox environments. To maximize agility, CSE and BMC conducted phased training enabling CSE’s developers to take full advantage of the new capabilities. Giberti says, "Despite the increased complexity, we have achieved greater flexibility. We have reduced the burden of releasing changes in all environments and at all levels, from development to production. This is a great advantage for programmers. Ultimately, CSE's software factory based on BMC AMI DevX Code Pipeline has achieved an excellent balance of responsiveness, productivity, and faster time to market."

The Results

Not only was CSE able to demonstrate compliance with DORA regulations, but it also achieved a more than 80% reduction in the number of datasets generated with BMC AMI Copy for Db2^®, along with a 70% decrease in CPU consumption during the nightly storage phase, as well as a reduction in overall time to complete these processes. Using BMC AMI Recovery for Db2^® has made the nightly backup process much more efficient.

"Without the BMC solution, the number of backup objects would have exceeded the number supported by our backup hardware," says Todeschi. "So CSE would have needed to overhaul the backup system and, during the recovery phase, manage a very large number of datasets, with much more difficulty."

With BMC AMI Security Self-Service Password Reset (SSPR), CSE reduced by 80% the number of phone calls or tickets sent to the IT help desk for mainframe password changes. That has allowed the company to free up internal resources to carry out higher-value activities, such as implementation of security and authentication mechanisms, and to be able to manage help desk tickets more easily. The new, standardized procedure for changing mainframe passwords assists internal security personnel while also supporting better service for end users.

CSE has also seen tremendous results since migrating to BMC AMI DevX Code Pipeline. In addition to increasing developer productivity, it has achieved considerable savings on the expected licensing costs compared to its previous supplier.