CyberArk Case Studies National Gypsum Relies on CyberArk for Improved Security and Compliance

Edit This Case Study Record

	National Gypsum Relies on CyberArk for Improved Security and Compliance CyberArk

National Gypsum Relies on CyberArk for Improved Security and Compliance

CyberArk

Technology Category	Cybersecurity & Privacy - Identity & Authentication Management Cybersecurity & Privacy - Security Compliance
Applicable Industries	Construction & Infrastructure
Applicable Functions	Business Operation Quality Assurance
Services	System Integration Cybersecurity Services Software Design & Engineering Services
Challenge	National Gypsum faced significant security and compliance challenges due to the lack of management and monitoring of privileged accounts. The company used a single 'domain admin' level account across all applications and servers, with poorly documented and infrequently changed passwords. This created substantial database vulnerabilities and compliance weaknesses. The CFO and controller demanded that IT pass audits related to access control, but the existing setup posed a high risk of security breaches. Recovery from a serious security compromise could be devastating, as changing compromised account passwords would break the systems where they were embedded. Read More
About Customer	National Gypsum Company is a leading manufacturer of building products, including gypsum wallboard and cement board. Headquartered in Charlotte, North Carolina, the company operates 43 facilities across North America and employs over 1,900 people. As one of the world's top producers of gypsum board, National Gypsum is a fully integrated manufacturer, providing a range of construction materials. The company faced significant security and compliance challenges, particularly in managing privileged accounts, which led them to seek a robust solution to enhance their security posture and meet compliance requirements. Read More
Solution	National Gypsum implemented the CyberArk Privileged Access Security Solution to manage nearly 2,000 passwords, ensuring they are automatically updated, changed at regular intervals, and fully auditable. The solution integrated with Active Directory to streamline role management and improve operational efficiency. Additionally, the company set up new Active Directory accounts for different roles and environments, adopting a least privilege strategy to grant access only as needed. The CyberArk Application Access Manager was integrated with Opalis, a process automation system, to remove hard-coded passwords from automation tasks and ensure business continuity even during network outages. This comprehensive approach significantly improved security and compliance, allowing National Gypsum to pass audits and enhance overall operational efficiency. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Identity & Authentication Management

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Construction & Infrastructure

Applicable Functions

Business Operation

Quality Assurance

Services

System Integration

Cybersecurity Services

Software Design & Engineering Services

Challenge

National Gypsum faced significant security and compliance challenges due to the lack of management and monitoring of privileged accounts. The company used a single 'domain admin' level account across all applications and servers, with poorly documented and infrequently changed passwords. This created substantial database vulnerabilities and compliance weaknesses. The CFO and controller demanded that IT pass audits related to access control, but the existing setup posed a high risk of security breaches. Recovery from a serious security compromise could be devastating, as changing compromised account passwords would break the systems where they were embedded.

About Customer

National Gypsum Company is a leading manufacturer of building products, including gypsum wallboard and cement board. Headquartered in Charlotte, North Carolina, the company operates 43 facilities across North America and employs over 1,900 people. As one of the world's top producers of gypsum board, National Gypsum is a fully integrated manufacturer, providing a range of construction materials. The company faced significant security and compliance challenges, particularly in managing privileged accounts, which led them to seek a robust solution to enhance their security posture and meet compliance requirements.

Solution

National Gypsum implemented the CyberArk Privileged Access Security Solution to manage nearly 2,000 passwords, ensuring they are automatically updated, changed at regular intervals, and fully auditable. The solution integrated with Active Directory to streamline role management and improve operational efficiency. Additionally, the company set up new Active Directory accounts for different roles and environments, adopting a least privilege strategy to grant access only as needed. The CyberArk Application Access Manager was integrated with Opalis, a process automation system, to remove hard-coded passwords from automation tasks and ensure business continuity even during network outages. This comprehensive approach significantly improved security and compliance, allowing National Gypsum to pass audits and enhance overall operational efficiency.

Impact #1	Rapid time-to-value with the CyberArk solution.
Impact #2	Improved workforce efficiencies through better access control.
Impact #3	Application passwords are now generated for all new projects, enhancing security.

Impact #1

Rapid time-to-value with the CyberArk solution.

Impact #2

Improved workforce efficiencies through better access control.

Impact #3

Application passwords are now generated for all new projects, enhancing security.

Benefit #1	Successfully passed a privileged and production account management audit for the first time.

Benefit #1

Successfully passed a privileged and production account management audit for the first time.

Download PDF Version

Overview

National Gypsum Relies on CyberArk for Improved Security and Compliance

Operational Impact

Quantitative Benefit