Syskit Point’s reporting helps Zagreb Airport fully meet ISO 9001 compliance requirements in Microsoft 365

Zagreb Airport case study
With a flow of up to 3.4 million passengers in 2019, Zagreb Airport is Croatia’s main international airport. It seeks to keep pace with digital transformation trends, including the optimization of its Microsoft 365 environment.
Zagreb Airport must store documents according to ISO 9001 certification requirements and stay ahead of potential security breaches, such as unauthorized document sharing with external users. The company also needs to optimize costs across its Microsoft 365 workspaces.
Syskit Point’s reports allow Zagreb Airport to understand and control user access to sensitive documents. With proactive reports, the employees receive alerts on malicious external sharing activities in its M365 tenant. They reassign, manage, and cut underused M365 user licenses just as easily.
Thanks to Syskit Point, Zagreb Airport saves hours on complex user management and manually extracting data for compliance reports. The employees react to external file sharing within seconds and avoid unnecessary costs on unoptimized user licenses.


A reconstructed, state-of-the-art passenger terminal at Zagreb Airport opened its doors to passengers in March 2017. Covering a surface area of 65,000 m2, Franjo Tudjman Airport can welcome 5 million passengers a year at its peak capacity. Its opening announced a new dimension of airport operations, offering a completely different travel experience to its passengers.

Marin Tica

As its top priority, the company outlines customer satisfaction, service excellence, and continuous education of the employees, while providing high-quality facilities. The airport has so far been awarded the title of the Best Airport in Europe by Size and Region 2021 in the category of up to 5 million passengers, as well as the Most Improved Airport in Europe in a 2017 survey.

But they plan to fly even higher.

Zagreb Airport is preparing for every new tourist season by implementing solutions designed to modernize its operation processes. It has boosted its employee collaboration and efficiency by migrating its company data to Microsoft 365. The employees started to heavily rely on OneDrive and SharePoint Online for their daily activities. However, the shift to the cloud did not come without its challenges.

In order to maintain the satisfaction and standards that our passengers and customers expect from us, we are always in demand for solutions that will help us remain at the highest possible business and operational excellence.

Marin Tica, IT Director, Zagreb Airport


While having a single M365 tenant enables easy document management and collaboration, working in a single large tenant also adds significant complexity and a lack of visibility into the inventory.

Zagreb Airport is no exception.

As an ISO 9001 certificate holder, it must comply with the requirements for storing and organizing company data according to the certificate. It must also stay ahead of potential security breaches and ensure sensitive data protection in its complex M365 environment. Finally, it needs to optimize costs by cutting underutilized M365 licenses.

Zagreb Airport

Ensuring regulatory compliance

Strict ISO 9001 regulations have made Zagreb Airport more accountable for the protection of sensitive information, documentation storage, and management. The regulation was challenging to implement due to the complexity of Zagreb Airport’s M365 environment.

The company’s Group hierarchy consists of multiple Azure Active Directory groups which do not show individual members. When auditors asked about user access to the records and what kind of access they have, the responsible team lacked a centralized, single-view report showing all users and their permissions across the M365 environment. Instead, they spent hours retrieving the necessary data from each group, file, and folder.

Controlling external sharing and users

Sharing documents in M365 can create security concerns when data gets shared with an unauthorized party. To stay ahead of potential data breaches, Zagreb Airport was searching for a solution that would monitor and alert suspicious activities in its M365 environment without compromising on user collaboration.

Optimizing user and license management

Unoptimized Microsoft license management leads to not only underutilized licenses but also unnecessary costs. To increase its efficiency and avoid paying for ghost licenses, Zagreb Airport was looking for a way to retire or reassign unused licenses in a timely manner.


As a single platform covering all the challenges listed above, Zagreb Airport chose Syskit Point to resolve issues in its Microsoft 365 environment. The management platform for M365 enabled Zagreb Airport to get centralized visibility over the entire environment, making it easy to manage users, permissions, export reports, and cut costs.

“IT plays an important part in supporting any successful business today, and Syskit Point is the solution that fully meets our standards.”

Microsoft 365 access management & reporting

Syskit Point enables Zagreb Airport to easily control access privileges in its SharePoint intranet portal with the following capabilities:

  • Having a central report for user permissions and memberships across the company’s M365 environment.
  • Easily managing sub-portals with specific access rights, based on the division and role.
  • Applying permission settings based on the demands of the new department and role when users change jobs.
  • Quickly changing policies and user access using bulk management.

“I have scheduled reports for access and users, which allows us to periodically and on-demand check all user access and permissions. It dramatically reduced the time needed to perform this task and increased the security of the whole environment since it’s now basically always available instantly.”

Managing user permissions & ensuring regulatory compliance

Zagreb Airport utilizes Syskit Point’s scheduled automated reports for external and internal stakeholders, abiding by internal security procedures and external audit procedures. The scheduled PDF report enables to prove ISO 9001 compliance with a few clicks:

  • Detecting who has access to what across Zagreb Airport’s M365 environment.
  • Listing all users and their access to the right documents per the required standard in a single dashboard.
  • Checking permissions across the sites down to the file level and managing access directly from the report.

Boosting security by controlling external sharing

Syskit Point’s proactive alerts enable Zagreb Airport to detect unauthorized changes and prevent potential security threats. Here’s how:

  • Check each configuration and access update, content interaction, and security change in the company’s M365 environment.
  • Easily troubleshoot whenever an anonymous link is shared externally. Pinpoint the exact time and place of the issue and who was responsible for it.
  • React proactively upon any suspicious action and avoid security breaches by receiving alerts.

Just recently, our colleague from the operations department unintentionally shared an anonymous link through their OneDrive. I received a notification in my email and quickly established that it was a mistake that could lead to a major incident. Because of Syskit Point, it was resolved in a matter of minutes!

Kruno Blažinović, System Administrator, Zagreb Airport

Microsoft 365 license reporting & management

Syskit Point’s license usage and utilization reports provide a license overview in a single location. Zagreb Airport employees now understand what licenses are available for re-allocation and verify if all the assigned licenses are optimally used based on each user’s needs. They gained the ability to:

  • Report on the overall license status and cost in their company.
  • Keep track of unused and unassigned licenses.
  • Explore license usage by a particular Microsoft 365 service.
  • Create accurate license usage reports by department.
Franjo Tuđman airport


With technological innovations, Zagreb Airport has great potential to reach new heights of passenger service and quality.

Syskit Point supports its mission to soar without compromising user collaboration, data security, and overall efficiency.

Resulting in:

  • 1.
    Ensured data protection

    Reacting to sensitive data leaks in a matter of seconds.

  • 2.
    Increased security

    Ensuring that the right users have the right permissions.

  • 3.
    Reduced costs

    Maximizing license utilization and increasing operational excellence by reassigning unused licenses.

  • 4.
    Time-saving efficiency

    Exporting single-dashboard compliance reports in a few clicks and avoiding repetitive tasks. Managing user access in bulk, from a single interface.

Syskit Point enabled us to satisfy ISO 9001 compliance and auditing needs while dramatically improving tenant security and helped us to better manage our license utilization.

Marin Tica, IT Director, Zagreb Airport