Kochanski & Partners | View firm profile
Idea Bank is the first Polish financial service sector entity to obtain the ISO 27017 and ISO 27001 certifications, confirming that its cloud computing solutions meet the highest international standards, and that customer data is processed in the cloud with full respect to security standards. Kochański & Partners advised the bank throughout the certification application process.
The ISO 27017 standard frames requirements for customers and cloud data providers, and guarantees the customers and stakeholders that their data and information are properly safeguarded. ISO 27001, however, is an international standard detailing requirements for the setting up, maintenance and development of information security management systems.
Idea Bank has been first in the Polish banking and financial sector to obtain the ISO 27017 certification. Historically, the prevalence of cloud computing solutions among banks has been well below the average in developed markets. This situation began to thaw with the more open approach of the Polish Financial Supervision Authority (KNF), presented in its communication of January 2020. As a result of this, increasing numbers of banks are now showing interest in implementing cloud technologies, with some – just like Idea Bank – applying for certification confirming the security of their solutions.
Prior to becoming certified, Idea Bank went through the certification preparation process. Kochański & Partners experts analysed the bank’s cloud computing solutions and information security management system, making recommendations for changes and improvements to increase the level of security and adapting the bank’s systems to ISO requirements.
“Now, like never before, it is important to focus on technology and, at the same time, ensure information security. Idea Bank – just like us – considers these areas to be a cornerstone for the development of the financial services sector and the economy as a whole. We are now seeing on a daily basis the growing needs of companies for both legal and technological solutions, and so to better serve these businesses we have dramatically expanded our Technology Practice, which is now acknowledged as one of the largest and strongest specialist legal teams of this type in Poland,” says Monika Maćkowska-Morytz, Advocate and Counsel at Kochański & Partners.
“We are proud of being the first financial institution in Poland to achieve this level of certification, confirming that Idea Bank delivers a safe and efficient cloud-based information security management system, and that customer data is processed with the highest security standards in place,” says Jaromir Frankowicz, Management Board Member at Idea Bank. “The certifications confirm the credibility of solutions we provide, and are a further step towards the digitisation of products and services using cloud computing solutions.”
“We are actively implementing several complex cloud computing projects, which we will reveal in the coming quarters. In recent years, as a market leader in this field, we have successfully gone through the adaptation of the public cloud in several areas, and we have headed up the development of the PolishCloud standard, i.e. a standard for the implementation of cloud computing-based IT solutions in accordance with applicable regulations,” says Grzegorz Pędzisz, CIO at Idea Bank.
On the part of Kochański & Partners, the certification project was led by Monika Maćkowska-Morytz and Aleksandra Piech, assisted by Daniel Kozłowski and Maciej Mackiewicz.