CyberArk Case Studies Erste Digital Enhances Protection Without Compromising Convenience with CyberArk Privilege On-Premises

Edit This Case Study Record

	Erste Digital Enhances Protection Without Compromising Convenience with CyberArk Privilege On-Premises CyberArk

Erste Digital Enhances Protection Without Compromising Convenience with CyberArk Privilege On-Premises

CyberArk

Technology Category	Cybersecurity & Privacy - Identity & Authentication Management Cybersecurity & Privacy - Security Compliance Cybersecurity & Privacy - Application Security
Applicable Industries	Finance & Insurance
Applicable Functions	Business Operation Quality Assurance
Use Cases	Real-Time Location System (RTLS) Remote Control
Services	Cybersecurity Services System Integration Software Design & Engineering Services
Challenge	The IT services unit of Erste Digital oversees critical business systems and banking software for nearly 2,200 users across multiple locations in over 10 countries. One of their key responsibilities is supporting the bank’s SWIFT infrastructure, which enables secure and efficient information exchange with other financial institutions globally. The challenge was to adhere to SWIFT’s Customer Security Controls Framework (CSCF), which requires monitoring the activity and credential usage of hundreds of users managing multiple passwords across various systems. Some applications required SWIFT certificate passwords with extraordinary length, making manual password management cumbersome and resource-intensive. Additionally, elements of the SWIFT infrastructure were not compatible with single sign-on (SSO) protocols, further complicating the management of privileged credentials and compliance with the framework. Read More
About Customer	Erste Digital is the IT service provider for Erste Group Bank, one of the largest financial services companies in Central and Eastern Europe. Headquartered in Vienna, Austria, Erste Digital is responsible for the operation of data centers, point-of-sale terminals, servers, PC networks, and banking software for Erste Group entities. With a workforce of 2,000 employees, Erste Digital plays a crucial role in ensuring the smooth operation of critical business systems and banking software for nearly 2,200 users across multiple Erste Group locations in over 10 countries. The company is dedicated to maintaining high standards of IT security and compliance, particularly in managing the SWIFT infrastructure, which is essential for secure and efficient information exchange with other financial institutions worldwide. Read More
Solution	To address the challenges, Erste Digital implemented CyberArk Privilege On-Premises to simplify the management of privileged credentials and ensure compliance with SWIFT’s Customer Security Controls Framework. The platform’s ability to extract and securely store secrets embedded in applications, along with its threat analytics capabilities, made it an ideal choice. CyberArk automates password rotation for access to the bank’s SWIFT infrastructure, eliminating the need for manual password management and enhancing security. The integration of CyberArk with Erste Digital’s proprietary identity access management solution was facilitated by CyberArk’s REST APIs, enabling seamless integration with the existing technology stack. This allowed for the implementation of multi-factor authentication, a requirement of SWIFT’s security framework, and streamlined access to applications for business users. The deployment was carried out in partnership with managed service provider Bacher Systems. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Identity & Authentication Management

Cybersecurity & Privacy - Security Compliance

Cybersecurity & Privacy - Application Security

Applicable Industries

Finance & Insurance

Applicable Functions

Business Operation

Quality Assurance

Use Cases

Real-Time Location System (RTLS)

Remote Control

Services

Cybersecurity Services

System Integration

Software Design & Engineering Services

Challenge

The IT services unit of Erste Digital oversees critical business systems and banking software for nearly 2,200 users across multiple locations in over 10 countries. One of their key responsibilities is supporting the bank’s SWIFT infrastructure, which enables secure and efficient information exchange with other financial institutions globally. The challenge was to adhere to SWIFT’s Customer Security Controls Framework (CSCF), which requires monitoring the activity and credential usage of hundreds of users managing multiple passwords across various systems. Some applications required SWIFT certificate passwords with extraordinary length, making manual password management cumbersome and resource-intensive. Additionally, elements of the SWIFT infrastructure were not compatible with single sign-on (SSO) protocols, further complicating the management of privileged credentials and compliance with the framework.

About Customer

Erste Digital is the IT service provider for Erste Group Bank, one of the largest financial services companies in Central and Eastern Europe. Headquartered in Vienna, Austria, Erste Digital is responsible for the operation of data centers, point-of-sale terminals, servers, PC networks, and banking software for Erste Group entities. With a workforce of 2,000 employees, Erste Digital plays a crucial role in ensuring the smooth operation of critical business systems and banking software for nearly 2,200 users across multiple Erste Group locations in over 10 countries. The company is dedicated to maintaining high standards of IT security and compliance, particularly in managing the SWIFT infrastructure, which is essential for secure and efficient information exchange with other financial institutions worldwide.

Solution

To address the challenges, Erste Digital implemented CyberArk Privilege On-Premises to simplify the management of privileged credentials and ensure compliance with SWIFT’s Customer Security Controls Framework. The platform’s ability to extract and securely store secrets embedded in applications, along with its threat analytics capabilities, made it an ideal choice. CyberArk automates password rotation for access to the bank’s SWIFT infrastructure, eliminating the need for manual password management and enhancing security. The integration of CyberArk with Erste Digital’s proprietary identity access management solution was facilitated by CyberArk’s REST APIs, enabling seamless integration with the existing technology stack. This allowed for the implementation of multi-factor authentication, a requirement of SWIFT’s security framework, and streamlined access to applications for business users. The deployment was carried out in partnership with managed service provider Bacher Systems.

Impact #1	Automated password rotation with CyberArk Privilege On-Premises has significantly improved security and freed internal resources to focus on more strategic tasks.
Impact #2	Session isolation, recording, and searchable audit trails ensure compliance with key requirements of the SWIFT Customer Security Controls Framework (CSCF).
Impact #3	Secrets management capabilities reduce risks associated with deploying new applications, enhancing overall security.

Impact #1

Automated password rotation with CyberArk Privilege On-Premises has significantly improved security and freed internal resources to focus on more strategic tasks.

Impact #2

Session isolation, recording, and searchable audit trails ensure compliance with key requirements of the SWIFT Customer Security Controls Framework (CSCF).

Impact #3

Secrets management capabilities reduce risks associated with deploying new applications, enhancing overall security.

Benefit #1	The automation of password rotation has reduced the time spent on manual password management, allowing for more frequent and complex password updates.
Benefit #2	The implementation of CyberArk Privilege On-Premises has streamlined compliance processes, making it easier to demonstrate adherence to SWIFT’s security framework during audits.

Benefit #1

The automation of password rotation has reduced the time spent on manual password management, allowing for more frequent and complex password updates.

Benefit #2

The implementation of CyberArk Privilege On-Premises has streamlined compliance processes, making it easier to demonstrate adherence to SWIFT’s security framework during audits.

Download PDF Version

Overview

Erste Digital Enhances Protection Without Compromising Convenience with CyberArk Privilege On-Premises

Operational Impact

Quantitative Benefit