Municipal Office in Zbaszyn: Rublon MFA Case Study

Last updated on December 15, 2025

The Municipal Office in Zbaszyn Secured Its Infrastructure With Rublon MFA

The Zbaszyn Municipal Office uses Rublon MFA to protect sign-ins to Windows 10 and 11 workstations, VPN connections (both internal and those of cooperating entities), and administrative access via RDP and SSH. The IT team also uses Rublon MFA to protect access to its specialized systems.

User identities from Active Directory are synchronized to the Rublon Admin Console using the Active Directory Sync.

The most popular authentication method is Mobile Push, available in the Rublon Authenticator app installed on employees’ private phones. In individual cases, FIDO and Email Link authentication methods are also used.

The deployment is reinforced by access policies available in the Rublon MFA solution. Policies make it possible to optimize available authentication methods and to remember users’ devices for a specified time, improving flexibility and convenience.

Bypass codes and transparent authentication logs improved the municipal government’s cyber posture and facilitated achieving compliance with the GDPR, Poland’s National Interoperability Framework (KRI), and Poland’s National Cybersecurity System Act (KSC).

“Multi-factor sign-in has become second nature for both the IT department and regular users. The solution is very intuitive and easy to use. Multi-step authentication on workstations and in applications at our office doesn’t cause problems or delays in performing duties. Rublon MFA is often unnoticed and has become an integral part of our daily work and identity verification.”

Marcin Klorek

Head of the IT Department at the Municipal Office in Zbaszyn

Objectives

Protect sign-ins to Windows 10 and 11 workstations for all employees.

Secure VPN connections (own and partners’) and administrative access (RDP/SSH and web IT tools).

Integrate with the local Active Directory and automatically synchronize users.

Ensure compliance (GDPR, KRI, KSC) and resilience to modern attack vectors.

Results

Strong MFA (primarily Mobile Push) for key infrastructure elements; optional YubiKey and Email Link as complementary methods.

Security policies enable flexible selection of authentication methods and temporary MFA bypass on workstations with no substantial drop in security.

Bypass codes as a business continuity mechanism.

Full transparency thanks to authentication logs in the Rublon Admin Console.

Simple, fast deployment completed in 4 days, including IT and end-user training.

Customer

Name:
Zbaszyn Municipal Office

Industry:
Public administration / local government

Location:
Zbaszyn, Poland

Website:
https://zbaszyn.pl/

Description:
A local government unit responsible for providing public services, assisting residents, and supporting local institutions and partner organizations.

“The deployment at the Zbaszyn Municipal Office was a process whose outcome surprised everyone. Employees embraced the extended authentication method with enthusiasm, which was the result of targeted education at the start of the rollout. The IT team gained not only better risk analysis indicators for protecting systems and data, but above all an intuitive system for managing user identities across the entire technology stack.”

Piotr Wojtasik

Owner of Cloud Spare and the engineer responsible for implementing Rublon MFA at the Zbaszyn Municipal Office

The Challenge

Regulatory Compliance

The municipality had to standardize “strong authentication” across the organization and simplify achieving compliance with the GDPR, KRI, and KSC. In the background were growing expectations regarding essential entities providing critical and important services in the public sector, as outlined by the NIS2 directive, and an overall strategy for increasing resilience to digital threats.

Resilience to Cyberattacks

Priorities included reducing the risk of account takeovers, cyberattacks by criminal groups, ransomware, and incidents leading to data breaches. Protection had to cover administrators, standard users, and selected access for external contractors.

Easy Deployment and Management

The municipal office expected a short deployment timeline, predictable costs, and smooth integration with existing services: Active Directory, VPN, Windows, and SSH. An additional requirement was the ability to automatically synchronize users from Active Directory to the MFA solution to streamline enrollment and user management.

The Solution

The Zbaszyn Municipal Office deployed Rublon MFA.

Key reasons for choosing Rublon MFA included: integration with AD and VPN, the convenient Mobile Push method (with in-app biometric protection), support for FIDO2 hardware keys, and the ability to apply security policies and bypass codes. Rublon’s multi-factor authentication was used to protect employee sign-ins to Windows workstations, VPN connections, and administrative access (RDP to Windows servers, SSH to Linux servers, plus web IT tools).

Cost-Effective Centrally Managed MFA

The municipality did not need to invest in costly infrastructure. Thanks to the Rublon Authenticator mobile app, most users can safely use their private phones as authentication factors in line with the Bring Your Own Device (BYOD) approach. YubiKey hardware keys and email-based authentication serve as complementary methods, allowing authentication to be tailored to employee roles, as well as the current needs and requirements of the municipality.

Integration With Services and Synchronization of Users From Active Directory

Rublon MFA was integrated with Active Directory, VPN, and administrative services. In addition, the Directory Sync was used to synchronize users from Active Directory to the Rublon Admin Console, eliminating the need for both manual user creation and gradual enrollment.

Rublon MFA accelerated the process of introducing MFA in the municipality and enabled full deployment in just 4 days (including time for administrator training and installing the mobile app on employees’ phones).

Achieving Compliance with the GDPR, KRI, and KSC

Implementing Rublon MFA enabled the local government to meet key security requirements mandated by national regulations.

The solution directly fulfills the Krajowe Ramy Interoperacyjności (KRI) requirements related to access rights management and protecting systems against unauthorized access.

Moreover, in accordance with the requirements of the Act on the National Cybersecurity System (KSC), Rublon MFA constitutes an adequate and proportionate technical measure supporting access control, data protection, and secure electronic communication, thus effectively minimizing the risk of an incident. Once the KSC Act is amended in accordance with the NIS2 Directive, all new multi-factor authentication requirements will be automatically fulfilled thanks to the deployment of Rublon MFA.

Rublon’s multi-factor login abides by the “privacy by design” GDPR principle, reducing the risk of unauthorized access to personal data.

During supervisory audits, the municipality can present complete MFA logs, policies, and procedures, documenting compliance with each required regulation without incurring additional costs.

The Benefits of Implementing Rublon MFA

Full regulatory compliance	Easier fulfillment of GDPR, KRI, and KSC requirements thanks to strong MFA, access policies, and authentication logs.
Clear reduction of account takeover and ransomware risk	Multi-factor authentication significantly hinders account takeovers and the initial vector for ransomware attacks in the office environment.
One console, zero overhead	Synchronization with Active Directory eliminates the need for administrators to create accounts manually; all changes in AD are reflected in Rublon MFA.
Convenient login for employees	Mobile Push provides quick, one-tap access, while YubiKeys ensure phishing-resistant protection where required.
Flexible policies and business continuity	Remembered devices and bypass codes ensure business continuity.

The Outcome

Rublon MFA helped standardize and simplify strong authentication for the entire staff of the municipal office, as well as selected external contractors. Thanks to integration with Active Directory and VPN, clear security policies, and authentication logs, the municipal office increased its cyber resilience without slowing users down. The deployment delivered tangible security benefits and supported fulfillment of GDPR, KRI, and KSC requirements.