The challenge

POBA Services a.s. provides accounting services and facility management for its parent company Poštová banka, the 7th largest bank in Slovakia.

When POBA Servis a.s. was preparing for its ISO/IEC 27001 certification, it needed a company that could help them implement the security requirements set by the norm. Because the company handles sensitive client banking information and project documentation on behalf of Poštová banka a.s., they needed to reinforce both their information management security system and their risk management system.

POBA’s IT department chose Safetica security software to take care of their compliance needs, as it provides multiple tools that help companies satisfy the ISO/IEC 27001 norm requirements.

The solution

The whole operation started with an analysis of how end users work with their computers, with a special emphasis on usual data handling processes. In the next phase, policies were set for external devices management - POBA Servis decided to only allow the use of Safetica-encrypted company USB drives.

In the last phase, actual data protection policies were set and fine-tuned. These policies prohibit sensitive files from being printed, copied to unauthorized external devices, sent to external email accounts, print screen captured or uploaded to the web.

The Result

Safetica gave POBA Servis a.s. the tools it needed for certification by ISO/IEC 27001. Safetica software supports the information management security system, ensuring internal security and protecting the company from human errors.

Files can only move in predefined ways, and records are available for all actions. Management now gets weekly summary reports on user internet activity, application use, document printing and file lifecycles. In the event of a security incident, POBA management is notified immediately.

  • performed complete internal data security audit
  • sensitive data can now be manipulated only according to defined security rules
  • management receives instant alerts in case of a security incident
Dita Eckhardtova

Next articles

Krakowski Bank Spółdzielczy Mitigates Insider Risk through Employee Awareness and Education

Krakowski Bank Spółdzielczy further strengthened the security of the data collected by the bank by implementing a DLP solution and empowering their employees.

Concept Medical understands their data flow and can assess their productivity thanks to Safetica

The research company Concept Medical wanted to fulfill their legal obligations, have an overview of their sensitive data flow, and get insight into their productivity.

Franco Compania Naviera meets ISO 27001 requirements

The Greek company Franco Compania Naviera is one of the most respected in traditional shipping management. By implementing Safetica, the company can now better monitor employee compliance with company policies, fulfill ISO 27001 requirements, and monitor sensitive information within the company.