BeyondTrust Case Studies Managing Passwords & Local Administration Rights: a Two-Step Approach to a Secure Workflow

Edit This Case Study Record

	Managing Passwords & Local Administration Rights: a Two-Step Approach to a Secure Workflow BeyondTrust

Managing Passwords & Local Administration Rights: a Two-Step Approach to a Secure Workflow

BeyondTrust

Technology Category	Cybersecurity & Privacy - Identity & Authentication Management
Use Cases	Cybersecurity
Challenge	The company was facing a significant challenge in managing password vulnerabilities and local administration rights, which were identified as the two biggest security holes. The company's InfoSec team was constantly putting out fires, dealing with security issues as they arose, but there was no strategic approach to preventing these issues from occurring in the first place. The company needed a solution that would allow them to take a proactive approach to security, reducing the attack surface within their infrastructure and preventing breaches before they happened. Read More
About Customer	The customer in this case study is an unnamed high-tech company. The company had a significant issue with information security, with a focus on putting out fires rather than preventing them. The company's CISO had a team with clearly defined roles, but their sole focus was on dealing with issues as they arose, rather than looking at the bigger picture. The company needed a solution that would allow them to take a proactive approach to security, reducing the attack surface within their infrastructure and preventing breaches before they happened. Read More
Solution	The solution to the company's problems was privileged access management (PAM), specifically the BeyondTrust platform. BeyondTrust was chosen after a two-week 'bake-off' comparing it with a competing product. The platform was rolled out gradually, starting with the C-suite and the InfoSec team, then moving on to early-adopter system administrators. BeyondTrust allowed the company to establish a hierarchy of access privileges, with applications being whitelisted, blacklisted, or graylisted as necessary. The platform also allowed the company to monitor the applications and upgrades being installed by employees, and to generate daily reports for review. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Identity & Authentication Management

Use Cases

Cybersecurity

Challenge

The company was facing a significant challenge in managing password vulnerabilities and local administration rights, which were identified as the two biggest security holes. The company's InfoSec team was constantly putting out fires, dealing with security issues as they arose, but there was no strategic approach to preventing these issues from occurring in the first place. The company needed a solution that would allow them to take a proactive approach to security, reducing the attack surface within their infrastructure and preventing breaches before they happened.

About Customer

The customer in this case study is an unnamed high-tech company. The company had a significant issue with information security, with a focus on putting out fires rather than preventing them. The company's CISO had a team with clearly defined roles, but their sole focus was on dealing with issues as they arose, rather than looking at the bigger picture. The company needed a solution that would allow them to take a proactive approach to security, reducing the attack surface within their infrastructure and preventing breaches before they happened.

Solution

The solution to the company's problems was privileged access management (PAM), specifically the BeyondTrust platform. BeyondTrust was chosen after a two-week 'bake-off' comparing it with a competing product. The platform was rolled out gradually, starting with the C-suite and the InfoSec team, then moving on to early-adopter system administrators. BeyondTrust allowed the company to establish a hierarchy of access privileges, with applications being whitelisted, blacklisted, or graylisted as necessary. The platform also allowed the company to monitor the applications and upgrades being installed by employees, and to generate daily reports for review.

Impact #1	The company was able to turn around their InfoSec culture and processes, making their infrastructure much more secure.
Impact #2	Employees began taking password management and local access privileges seriously.
Impact #3	The restrictions imposed by adopting PAM freed everyone in the company to focus on using IT to improve business practices instead of worrying about potential breaches.

Impact #1

The company was able to turn around their InfoSec culture and processes, making their infrastructure much more secure.

Impact #2

Employees began taking password management and local access privileges seriously.

Impact #3

The restrictions imposed by adopting PAM freed everyone in the company to focus on using IT to improve business practices instead of worrying about potential breaches.

Download PDF Version

Overview

Managing Passwords & Local Administration Rights: a Two-Step Approach to a Secure Workflow

Operational Impact