CyberArk Case Studies McKesson Protects its Most Sensitive Data with CyberArk’s Secure, Compliant Sensitive Information Management Solution

Edit This Case Study Record

	McKesson Protects its Most Sensitive Data with CyberArk’s Secure, Compliant Sensitive Information Management Solution CyberArk

McKesson Protects its Most Sensitive Data with CyberArk’s Secure, Compliant Sensitive Information Management Solution

CyberArk

Technology Category	Cybersecurity & Privacy - Application Security Cybersecurity & Privacy - Identity & Authentication Management Cybersecurity & Privacy - Security Compliance
Applicable Industries	Healthcare & Hospitals Pharmaceuticals
Applicable Functions	Business Operation Quality Assurance
Services	Cybersecurity Services System Integration
Challenge	Members of McKesson’s legal department need to frequently exchange sensitive documents that contain financial data, intellectual property, and information about pending lawsuits. The information within these documents is typically highly sensitive and regulated. As such, the legal team needs to be sure that their documents are safe from unauthorized access and securely stored in a way that is compliant with industry regulations and standards. When the legal team began searching for a file sharing and storage solution, they required a system that would protect their most sensitive information from unauthorized access and that would meet compliance guidelines out-of-the-box. Specifically, the team needed a solution that offered granular access controls and enabled administrators to audit access to files without having access to the files themselves. After evaluating the options available, the legal team selected the CyberArk Sensitive Information Management Solution. Read More
About Customer	McKesson, one of the oldest and largest healthcare companies in the United States, distributes pharmaceuticals to retail and institutional pharmacies and provides software, services, and consulting to a variety of healthcare organizations. McKesson serves 50 percent of American hospitals and delivers one-third of all medications used in the United States each day. As a large, publicly traded healthcare company, McKesson has a significant amount of sensitive financial, personal, and patient health information that must be protected for both security and compliance purposes. Read More
Solution	CyberArk’s Sensitive Information Management Solution enables McKesson’s legal team to have confidence that their sensitive documents are both safe from unauthorized access and secured in a way that is compliant with applicable regulations. After deploying CyberArk’s Sensitive Information Management Solution, employees in McKesson’s legal department each gained access to his or her own private safe within the CyberArk Secure Digital Vault. Here, employees are now able to electronically store sensitive documents and have confidence that these documents will be safe from unauthorized access. The team also gained the ability to securely and compliantly share documents with each other and necessary outside parties. Further, because all activity is automatically tracked, the IT team is able to generate audit reports at any time to prove compliance. After seeing how well-received the CyberArk Sensitive Information Management Solution was within the legal department, the IT team realized they could leverage the same solution to solve a similar challenge elsewhere in the business. Members of the Board of Directors needed to exchange highly sensitive information with each other prior to board meetings, but electronic file transfer was considered too high risk due to the sensitivity of the files. As a result, the process of sharing sensitive information was manual, time-consuming, and cumbersome, and the board members wanted an easier alternative. With the infrastructure already in place, the IT team extended the use of CyberArk’s Sensitive Information Management Solution to McKesson’s Board of Directors. Now, thanks to the CyberArk solution, board members are able to quickly and easily share sensitive documents prior to board meetings without having to worry about unauthorized parties accessing their sensitive, regulated information. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Application Security

Cybersecurity & Privacy - Identity & Authentication Management

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Healthcare & Hospitals

Pharmaceuticals

Applicable Functions

Business Operation

Quality Assurance

Services

Cybersecurity Services

System Integration

Challenge

Members of McKesson’s legal department need to frequently exchange sensitive documents that contain financial data, intellectual property, and information about pending lawsuits. The information within these documents is typically highly sensitive and regulated. As such, the legal team needs to be sure that their documents are safe from unauthorized access and securely stored in a way that is compliant with industry regulations and standards. When the legal team began searching for a file sharing and storage solution, they required a system that would protect their most sensitive information from unauthorized access and that would meet compliance guidelines out-of-the-box. Specifically, the team needed a solution that offered granular access controls and enabled administrators to audit access to files without having access to the files themselves. After evaluating the options available, the legal team selected the CyberArk Sensitive Information Management Solution.

About Customer

McKesson, one of the oldest and largest healthcare companies in the United States, distributes pharmaceuticals to retail and institutional pharmacies and provides software, services, and consulting to a variety of healthcare organizations. McKesson serves 50 percent of American hospitals and delivers one-third of all medications used in the United States each day. As a large, publicly traded healthcare company, McKesson has a significant amount of sensitive financial, personal, and patient health information that must be protected for both security and compliance purposes.

Solution

CyberArk’s Sensitive Information Management Solution enables McKesson’s legal team to have confidence that their sensitive documents are both safe from unauthorized access and secured in a way that is compliant with applicable regulations. After deploying CyberArk’s Sensitive Information Management Solution, employees in McKesson’s legal department each gained access to his or her own private safe within the CyberArk Secure Digital Vault. Here, employees are now able to electronically store sensitive documents and have confidence that these documents will be safe from unauthorized access. The team also gained the ability to securely and compliantly share documents with each other and necessary outside parties. Further, because all activity is automatically tracked, the IT team is able to generate audit reports at any time to prove compliance. After seeing how well-received the CyberArk Sensitive Information Management Solution was within the legal department, the IT team realized they could leverage the same solution to solve a similar challenge elsewhere in the business. Members of the Board of Directors needed to exchange highly sensitive information with each other prior to board meetings, but electronic file transfer was considered too high risk due to the sensitivity of the files. As a result, the process of sharing sensitive information was manual, time-consuming, and cumbersome, and the board members wanted an easier alternative. With the infrastructure already in place, the IT team extended the use of CyberArk’s Sensitive Information Management Solution to McKesson’s Board of Directors. Now, thanks to the CyberArk solution, board members are able to quickly and easily share sensitive documents prior to board meetings without having to worry about unauthorized parties accessing their sensitive, regulated information.

Impact #1	Employees in McKesson’s legal department each gained access to their own private safe within the CyberArk Secure Digital Vault, allowing them to electronically store sensitive documents securely.
Impact #2	The legal team gained the ability to securely and compliantly share documents with each other and necessary outside parties.
Impact #3	All activity is automatically tracked, enabling the IT team to generate audit reports at any time to prove compliance.

Impact #1

Employees in McKesson’s legal department each gained access to their own private safe within the CyberArk Secure Digital Vault, allowing them to electronically store sensitive documents securely.

Impact #2

The legal team gained the ability to securely and compliantly share documents with each other and necessary outside parties.

Impact #3

All activity is automatically tracked, enabling the IT team to generate audit reports at any time to prove compliance.

Benefit #1	McKesson serves 50% of American hospitals.
Benefit #2	McKesson delivers one-third of all medications used in the United States each day.
Benefit #3	McKesson has 37,000 employees.

Benefit #1

McKesson serves 50% of American hospitals.

Benefit #2

McKesson delivers one-third of all medications used in the United States each day.

Benefit #3

McKesson has 37,000 employees.

Download PDF Version

Overview

McKesson Protects its Most Sensitive Data with CyberArk’s Secure, Compliant Sensitive Information Management Solution

Operational Impact

Quantitative Benefit