Strong and secure IT platform
BEC delivers solid and secure IT operations with extremely high availability. At the same time, BEC is streamlining and modernizing its joint IT operations for small and large banks.
BEC is a large-scale business that supports small and large customers’ growth with common, cost-effective IT operations. BEC continuously reduces operating costs by optimizing processor consumption, server capacity and disk capacity through stronger processes and systems.
At the same time, it requires large, updated technological muscles to run and develop a robust, cost-effective IT platform with more than 200 different business services, 2.3 million active bank customers, 6.5 million active bank accounts and billions of database calls every day
Trust in stable operations
Uptime, safety and speed are fundamental factors for BEC’s customers to run and develop their businesses.
It is, therefore, a core task for BEC to maintain this solid operation, not least together with the subcontractor JN Data, which handles IT operations for BEC and a large part of the Danish financial sector in general.
New, open architecture
At the same time, BEC is replacing and renewing its most important technologies towards a new, open architecture: The car must run smoothly while BEC modernizes the engine, part by part.
It requires a forward-looking technological transformation to act in a time when data volumes and analysis needs are exploding, cyber threats are rising, regulatory requirements are growing, and operations must flexibly support agile development with short time-to-market.
Persistent and methodical security work
BEC is investing significantly in cyber security.
23 percent of Denmark’s population and 31 percent of Danish companies have their main bank connection in a bank on BEC’s IT platform.
BEC also operates IT systems for other key players in Denmark’s financial infrastructure.
BEC’s risk management is therefore part of our customers’ control and follow-up on their operational risks.
BEC is subject to the ‘Executive Order on System Audit Implementation in Shared Data Centers’. It follows that BEC’s security is controlled by internal and external system audits. BEC is also under the supervision of the Danish Financial Supervisory Authority.
The executive board prepares BEC’s security policy, which is approved by the board of directors. The policy also applies to outsourcing and other partners. BEC works in accordance with recognized international standards, including DS/ISO/IEC 27001: 2017. Regarding cyber security, BEC also uses the recognized NIST framework from the American National Institute of Standards and Technology.
BEC annually prepares a risk assessment for the board of directors and a quarterly status of the risk assessment for the executive board. The purpose of the risk assessment is to document a precise and accurate security picture, to assess the IT risks that may impact BEC and BEC’s customers critically or seriously, and to verify that BEC’s security foundation matches the threats, and that the inherent residual risk is clearly identified.
BEC participates in the Financial Sector Forum for Operational Robustness (FSOR), which has been established at the initiative of Danmarks Nationalbank, and Nordic Financial CERT, which is a Nordic sector collaboration.