Garanti BBVA secures all human and non-human access for regulatory and security standards’ compliance

Leading Turkish Bank builds a best-of-breed security infrastructure with CyberArk

Garanti BBVA

Company profile

Garanti BBVA, Turkey’s most valuable bank and second-largest private bank in asset value, provides a wide range of financial services to more than 20 million customers with 18,000 employees through an extensive distribution network of 863 domestic and seven international branches. The bank offers omnichannel services with a seamless experience across all channels including ATMs, an award-winning call center, internet, mobile and social banking platforms, all built on a cutting-edge technological infrastructure.

Industry: Financial Services
Annual Revenue: Turkish Lira TL850 Billion (USD65 Billion) consolidated assets
Employees: 18,000

Challenges

A few years ago, the global SWIFT banking network was hit by a series of cyberattacks resulting in the theft of millions of dollars. The attacks exploited vulnerabilities in members’ systems, allowing attackers to gain control of the banks’ legitimate, privileged SWIFT credentials. Today, the same threats to Identity Security still exist but are now even more sophisticated as financial institutions rely increasingly on digital technology.

Cihan Subasi, IT Security Technologies and Governance Head at Garanti BBVA, explained, “There has been a significant increase in attacks across the board, and the privileged access attacks are the most dangerous. Our priority is to keep the bank’s credentials in a safe environment to protect and limit the attack surface across all Garanti BBVA’s IT assets.”

Broad and increasingly sophisticated attack surface

Garanti BBVA wanted to improve security for use of privileged accounts, as well as identities used in the banks DevOps and cloud environments. With so many different business lines and 18,000 employees, there is a broad attack surface to protect against the theft of privileged credentials.

The bank also needed to ensure compliance with the stringent data security regulations demanded within both the Turkish and global financial sectors. As one of the pioneers of internet banking in Turkey, Garanti BBVA continues to push forward its digital transformation journey. To support this objective the bank has increased in-house development operations (DevOps) to improve application and service delivery, which has resulted in an accompanying need for more robust security tools.

Solutions

Subasi noted, “To ensure we build the best and most efficient defense against attacks, Garanti BBVA prioritizes working with professional suppliers and using leading technology, which is why we decided to partner with CyberArk.

Another key benefit of partnering with CyberArk is its C3 Alliance Partners, a network of more than 200 certified providers of enterprise software, infrastructure and security solutions. Access to the alliance helps Garanti BBVA seamlessly integrate third-party tools and solutions with CyberArk to build a best-of-breed security infrastructure.

Strengthens defense against cyber threats

Initially, CyberArk was leveraged to manage privileged accounts and over time has expanded to embrace application and cloud application security. CyberArk products are used throughout Garanti BBVA’s IT infrastructure, which is mainly on-premises along with a private cloud environment for DevOps. Deployment has been done in-house with support from CyberArk and other third-party integration partners.

“The integration capability of CyberArk – which is at the center of our cyber security portfolio – is extremely important. CyberArk works seamlessly with all our business applications and – with its APIs supporting additional integrations – puts Garanti BBVA in a much stronger position to defend against cyber threats.”

-Cihan Subasi, IT Security Technologies and Governance Head, Garanti BBVA

CyberArk is helping defend against attacks such as privileged account takeover and is relied on to isolate lateral movement threats. By enforcing least privilege access for administrators, it makes security processes more efficient and productive.

Garanti BBVA is leveraging DevOps to bring new applications to market quickly. Embedding CyberArk secrets management capabilities early in the development process reduces costs and creates a more secure and robust application.

The bank is one of the most digitized in Turkey and CyberArk has been critical in helping to secure its digital services. To comply with strong Turkish banking regulations, Garanti BBVA increased contributions during the COVID-19 pandemic when CyberArk was able to isolate and monitor privileged sessions for staff members and applications.

“CyberArk is a key component of the solutions that Garanti BBVA uses to secure customers, staff and business operations,” Subasi commented. “There is no doubt that CyberArk is one of the bank’s top security applications, and one of the most critical functions across our whole enterprise.”

Results

Profound and trusted 10-year partnership

The bank highly values its partnership with CyberArk. Subasi asserted, “The strength and depth of Garanti BBVA’s relationship with CyberArk is reflected in the more than a decade-long partnership that we have. Over that time, we have had frank and open discussions, and we’ve never had a negative experience. We value CyberArk’s competency as well as the company’s high-quality, trustworthy security solutions. We’ve helped drive CyberArk to new heights, and it has enabled Garanti BBVA to remain at the cutting edge of cyber security.”

Since the early days of internet penetration in Turkey, Garanti BBVA has been a major player in the digitalization and e-banking transformation. Subasi concluded, “We enjoy being at the forefront of digital banking and when it comes to compliance, one of the major benefits of CyberArk is helping us to meet tough Turkish banking regulations. CyberArk adapts as those regulations change and evolve, meaning we do not have to make large and costly changes every time there is a new rule.”

Key benefits

  • Protects data and financial assets of millions of customers
  • Supports DevOps to drive forward digital transformation
  • Streamlines regulatory compliance process
  • Enables fast new service rollout such as opening accounts online
  • Delivers seamless, third-party solution and application integration

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey