Great responsibility for customer data
In addition to state institutions and so-called critical infrastructures, such as utilities and telecommunications companies, providers of financial services are also targeted by cybercriminals. As a service provider in receivables management, we process sensitive personal data, says Bernd Riedel, Head of IT Operations atriga. For fraudsters, e-mail accounts, telephone numbers, bank account data and information about economic conditions are therefore an attractive loot. We take our commitment very seriously to protect our clients and their customers from these risks, Riedel adds. It was only in March of this year that a well-known financial service provider was the victim of a large-scale cyber-attack, which led, among other things, to system failures. Whether data has been stolen is not yet clear.
High safety standards at atriga
Bernd Riedel takes care of technical IT and data security in his function. He is also a member of the data protection task force and cooperates closely with atriga in-house lawyer and internal data protection officer Kristin Pagnia. atriga has always had high safety standards that go far beyond the legal requirements. Through a variety of measures, we protect sensitive data against misuse regardless of location and reliably,” he reports.
Bernd Riedel’s team regularly tests whether the IT infrastructure and security software correspond to the current threat situations and immediately eliminates potential vulnerabilities. Both the office and home office workstations run via secure VPN access. Personal firewalls and endpoint protection constantly check computers and mobile devices for risky processes, numerous measures are actively combated against unwanted data outflow. The Exchange server for centralised management of e-mail and other work data will soon be moved to a European cloud, where threats can be identified and blocked before they enter the corporate network.
Employees are intensively trained
The qualification of atriga employees plays an important role in cyber security. At regular intervals, they are trained and sensitised to the dangers from the network. This includes familiarising employees with the security rules for passwords, e-mails and the handling of operational data. According to Bernd Riedel, “there is no 100 percent security, but our clients and their debtors can rely on us to constantly work very intensively on the protection of personal data. In this way, we reduce the risk that we and they will become victims of criminal cyberattacks.”