Case study

Helping Pekao go passwordless with security key roll-out

Information is power. If an unauthorized person has access to our personal details, they could potentially harm us in many ways.
Company Size:
Since 2021
Technologies used:
Azure AD
FIDO2 Passwordless Authentication

It is no different for companies. To operate, they gather information on a massive scale,  and protecting it is crucial not just to their reputation, but for survival. 

Protecting resources in a regulated industry 

In some sectors, this challenge is even greater. Having access to someone’s financial information could affect their livelihood. As a result, the finance industry is one of several where keeping data highly secured is essential. 

Many standards have been developed for data and information protection. As technology evolves, so does legislation. In response, cloud vendors like Microsoft go to a lot of effort to make sure their products, like the Azure cloud, comply with current regulations. 

In some cases, however, the cloud is still not the answer. But even on-premises services need modern solutions to protect them. This is why Pekao decided to partner with Yubico when they needed to secure their privileged resources and critical infrastructure. 

Pekao, setting trends for the industry 

Bank Pekao S.A. was founded in 1929. With 5.5 m individual customers and working with 50% of Polish corporations, it is one of the largest banks in Poland. Specializing in private banking, asset management, and brokerage, the Bank is also one of the largest financial institutions in Central & Eastern Europe. 

Go Passwordless program 

Since Predica cooperated with Pekao in the past, we were able to recommend a solution that would work well with their existing environment. The company was the perfect candidate for the Go Passwordless program run by Microsoft and Yubico.  

Microsoft has partnered with Yubico to enable passwordless login to Azure Active Directory. Both companies, together with companies in the FIDO Alliance, developed a new FIDO2 open authentication standard to allow secure authentication using hardware instead of passwords.

Pekao needed to secure access to its servers with a modern solution providing multi-factor authentication capabilities. As a large organization operating in a regulated industry, they were looking for a reliable way of protecting their data from outside interference. Hardware-based MFA was the ideal solution, so they decided to join the program. Pekao’s server administrators received high-specification access keys which were configured to secure the environment.  

What’s next for Pekao? 

Authentication using YubiKeys minimizes the risk of external access to sensitive business information. As a result, customer and other important business data are virtually unreachable to unauthorized parties or without physical presence. 

As a long-time partner of Pekao, we are proud to support them in their passwordless journey, providing guidance and assistance in case of problems. 


Looks interesting? Book a free scoping call to see what we can do for you!

Stay up to date with the latest cloud insights from our CTO