Case Study: Arrow Global achieves secure, GDPR- and PCI-compliant collaboration with Netskope

Arrow achieves compliance under PCI-DSS and prevents insider threats

Arrow Global is a European credit and asset management firm operating across multiple countries where data protection and regulatory compliance are critical. Leadership wanted a single, modern collaboration platform to unite the "One Arrow" culture, but Workplace by Facebook’s native controls did not meet Arrow’s stringent GDPR, PCI-DSS and insider‑threat requirements, so the project needed a secure, compliant approach without undermining adoption.

Arrow delayed launch to implement a layered security solution: Okta for SSO and adaptive MFA, and Netskope for endpoint blocking, a reverse proxy and API‑level DLP and threat remediation, plus a tailored Acceptable Use Policy. The result: Workplace is now deployed on corporate devices with strong adoption, reduced internal email use, maintained usability with enhanced compliance, and plans to extend secure BYOD access and broader Netskope protections across the estate.

Arrow Global

Matthew O’Neill

Group Information Security Manager