At the beginning of 2023, at the initiative of Ukrsibbank, we passed an independent audit of IT security of our own infrastructure.
The history of our cooperation with Ukrsibbank 17 years. Since 2006, VERNA has participated in the opening of 700 bank branches and credit points.
For more than 6 years VERNA has been supporting the IT infrastructure of Ukrsibbank branches. In addition to supporting IT infrastructure, we implement SCS and Wi-fi for the bank, supply equipment and necessary software.
The task of the audit company was to assess the risks that may affect Ukrsibbank's production and other business processes, violate commercial or banking secrets or cause financial and reputational losses. The auditors checked compliance with the requirements of the international standard NIST 800-53R5.
The audit included an audit of VERNA's internal IT infrastructure, an audit of the organization of protection and system configuration, an audit of the VERNA personnel involved in the IT infrastructure support project, to achieve security objectives and risks to the bank's assets.
VERNA's information security policy is to strictly comply with the rules for the exchange, storage and reproduction of information that is known to our employees, partners and contractors, in the course of fulfilling their obligations under the concluded contracts.
The basis of the secure storage of information is the clear branching and authentication of users, based on compliance with their assigned tasks, their official duties, competence and level of tolerance. We constantly analyze the risks that arise when working with data and take measures to reduce their negative impact. There are clearly defined formats for storing information.
The audit company checked the internal documents describing the company's IT infrastructure, network equipment and access, the procedure for organizing an operational replacement.
The entire VERNA IT infrastructure is built on the principle of server hardware virtualization and is physically located in the Data Center. Availability, reliability and failure resistance of the Data Center infrastructure is maintained at 99.9% by reserving input channels by multiple ISPs with automatic switching to available channels and two independent Category 1 power inputs from two different substations. In addition, uninterruptible power supplies and diesel generator sets are used to prevent emergencies in the Data Center.
VERNA applies group policy management through Active Directory. We use group policies to provide customization of the user work environment, deploy software, install OS updates. With the help of ActiveDirectory, we establish security rules, we carry out access control and restrict unreliable contacts.
The auditors checked the conditions for protecting important information and ensuring smooth operation, using antivirus programs, controlling software versions and installing additional user software.
UKRSIBBANK JSC— one of the largest Ukrainian banks, the main shareholder of which is the world leader of the financial services market, the largest international financial group BNP Paribas.
Зв'яжіться з нами, щоб отримати більше інформації про наші рішення та проєкти
