The challenge

POBA Services a.s. provides accounting services and facility management for its parent company Poštová banka, the 7th largest bank in Slovakia.

When POBA Servis a.s. was preparing for its ISO/IEC 27001 certification, it needed a company that could help them implement the security requirements set by the norm. Because the company handles sensitive client banking information and project documentation on behalf of Poštová banka a.s., they needed to reinforce both their information management security system and their risk management system.

POBA’s IT department chose Safetica security software to take care of their compliance needs, as it provides multiple tools that help companies satisfy the ISO/IEC 27001 norm requirements.

The solution

The whole operation started with an analysis of how end users work with their computers, with a special emphasis on usual data handling processes. In the next phase, policies were set for external devices management - POBA Servis decided to only allow the use of Safetica-encrypted company USB drives.

In the last phase, actual data protection policies were set and fine-tuned. These policies prohibit sensitive files from being printed, copied to unauthorized external devices, sent to external email accounts, print screen captured or uploaded to the web.

The Result

Safetica gave POBA Servis a.s. the tools it needed for certification by ISO/IEC 27001. Safetica software supports the information management security system, ensuring internal security and protecting the company from human errors.

Files can only move in predefined ways, and records are available for all actions. Management now gets weekly summary reports on user internet activity, application use, document printing and file lifecycles. In the event of a security incident, POBA management is notified immediately.

  • performed complete internal data security audit
  • sensitive data can now be manipulated only according to defined security rules
  • management receives instant alerts in case of a security incident
Author
Dita Eckhardtova

Next articles

DPD knows there is no threat to their sensitive data

DPD Czech Republic works with sensitive data and needs to protect it and track its data flow, as well as protect USB drives and web applications.

Ferragens Negrão took control of their data and fulfilled their regulatory obligations thanks to Safetica

Ferragens Negrão secures all of their company’s data with Safetica and is ready for data protection regulations. Safetica also helps control company hardware and the application of rules for control of machine.

Thanks to Safetica, Suntex reduced their number of data security incidents to zero.

“Since we’ve implemented Safetica, the number of data security incidents has been reduced to zero.”