CyberArk Case Studies Secureitsource

Edit This Case Study Record

	Secureitsource CyberArk

Secureitsource

CyberArk

Technology Category	Cybersecurity & Privacy - Endpoint Security Cybersecurity & Privacy - Identity & Authentication Management
Applicable Industries	Finance & Insurance
Applicable Functions	Business Operation Quality Assurance
Services	System Integration Software Design & Engineering Services
Challenge	A Financial Institution overwhelmed with the administrative privileges sprawled across their end-user environment needed a solution which would reduce the attack surface these network entry points exposed without affecting the strict Service Level Agreement’s (SLA’s) they have with their customers. With thousands of applications in use, the company’s immediate need was to remove local administrative rights from end-user machines. This was necessary to prevent end-users from granting themselves privileged access to applications they hadn’t been authorized to use. Since both Windows and Mac computers were being used to access applications, they needed a solution that would account for both operating systems. Beyond reducing insider risk, the lack of controls around local privilege management could also make it easy for attackers to establish a foothold in the company through these machines, escalate privileges and move laterally across the environment until a jackpot of data is discovered that can be exfiltrated outside of the network. To add to this, the institution needed to implement a simple process for their users to request access to the applications they may have had unrestricted access to previously, but are now being restricted by the solution. The goal was to keep the users with the minimum rights they needed to do their day to day tasks. Read More
About Customer	The customer is a large financial institution with over 10,000 employees. They operate in the consumer financial industry and are responsible for managing a vast array of financial services and products. The institution is highly regulated and must adhere to strict Service Level Agreements (SLAs) with their customers. They have a complex IT environment with thousands of applications in use, accessed by both Windows and Mac computers. The institution faced significant challenges with administrative privileges sprawled across their end-user environment, which posed a substantial security risk. They needed a solution to reduce the attack surface without affecting their SLAs and to manage local administrative rights effectively. The institution sought to implement a solution that would allow end-users to stay productive while ensuring robust security measures were in place. Read More
Solution	SecureITsource partnered with the financial institution to implement CyberArk’s Endpoint Privilege Manager solution. This solution was chosen to take control of the privilege issue while allowing end-users to stay productive. SecureITsource analyzed the company’s requirements and recommended CyberArk Endpoint Privilege Manager as the solution of choice. After reviewing the functionality of CyberArk, the company realized that beyond controlling privilege escalation, the detailed device and application inventories would be a large improvement to their security operations. During the implementation, the company’s security engineers found that the Endpoint Privilege Manager’s “monitor-only” mode was crucial to the project’s success as they were able to deploy the solution into production while simultaneously testing policies. This allowed SecureITsource and the company to test the impact of the access policies without affecting anything in the environment, ultimately releasing a production-tested solution in a short time frame. SecureITsource utilized its understanding of the CyberArk solution as well as role-based access control (RBAC) to design access policies for standard users, developers, desktop support users, and more. This granted the correct user’s access to the applications they needed on day one and reduced the need for users to request access overall. Moreover, SecureITsource worked to integrate Endpoint Privilege Manager with the company’s existing SIEM solution – delivering another boost to the company’s security operations by providing detailed logs and metrics of privileged activity throughout the organization. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Endpoint Security

Cybersecurity & Privacy - Identity & Authentication Management

Applicable Industries

Finance & Insurance

Applicable Functions

Business Operation

Quality Assurance

Services

System Integration

Software Design & Engineering Services

Challenge

A Financial Institution overwhelmed with the administrative privileges sprawled across their end-user environment needed a solution which would reduce the attack surface these network entry points exposed without affecting the strict Service Level Agreement’s (SLA’s) they have with their customers. With thousands of applications in use, the company’s immediate need was to remove local administrative rights from end-user machines. This was necessary to prevent end-users from granting themselves privileged access to applications they hadn’t been authorized to use. Since both Windows and Mac computers were being used to access applications, they needed a solution that would account for both operating systems. Beyond reducing insider risk, the lack of controls around local privilege management could also make it easy for attackers to establish a foothold in the company through these machines, escalate privileges and move laterally across the environment until a jackpot of data is discovered that can be exfiltrated outside of the network. To add to this, the institution needed to implement a simple process for their users to request access to the applications they may have had unrestricted access to previously, but are now being restricted by the solution. The goal was to keep the users with the minimum rights they needed to do their day to day tasks.

About Customer

The customer is a large financial institution with over 10,000 employees. They operate in the consumer financial industry and are responsible for managing a vast array of financial services and products. The institution is highly regulated and must adhere to strict Service Level Agreements (SLAs) with their customers. They have a complex IT environment with thousands of applications in use, accessed by both Windows and Mac computers. The institution faced significant challenges with administrative privileges sprawled across their end-user environment, which posed a substantial security risk. They needed a solution to reduce the attack surface without affecting their SLAs and to manage local administrative rights effectively. The institution sought to implement a solution that would allow end-users to stay productive while ensuring robust security measures were in place.

Solution

SecureITsource partnered with the financial institution to implement CyberArk’s Endpoint Privilege Manager solution. This solution was chosen to take control of the privilege issue while allowing end-users to stay productive. SecureITsource analyzed the company’s requirements and recommended CyberArk Endpoint Privilege Manager as the solution of choice. After reviewing the functionality of CyberArk, the company realized that beyond controlling privilege escalation, the detailed device and application inventories would be a large improvement to their security operations. During the implementation, the company’s security engineers found that the Endpoint Privilege Manager’s “monitor-only” mode was crucial to the project’s success as they were able to deploy the solution into production while simultaneously testing policies. This allowed SecureITsource and the company to test the impact of the access policies without affecting anything in the environment, ultimately releasing a production-tested solution in a short time frame. SecureITsource utilized its understanding of the CyberArk solution as well as role-based access control (RBAC) to design access policies for standard users, developers, desktop support users, and more. This granted the correct user’s access to the applications they needed on day one and reduced the need for users to request access overall. Moreover, SecureITsource worked to integrate Endpoint Privilege Manager with the company’s existing SIEM solution – delivering another boost to the company’s security operations by providing detailed logs and metrics of privileged activity throughout the organization.

Impact #1	SecureITsource completely removed local administrative rights from all the company’s user-facing endpoints with minimal impact.
Impact #2	The solution resulted in reduced calls to the helpdesk and the company was able to use the access policies SecureITsource established to continuously improve and adapt their policies going forward.
Impact #3	The company now has visibility into all their applications, something they did not have before, and are able to utilize that information to make policy decisions.

Impact #1

SecureITsource completely removed local administrative rights from all the company’s user-facing endpoints with minimal impact.

Impact #2

The solution resulted in reduced calls to the helpdesk and the company was able to use the access policies SecureITsource established to continuously improve and adapt their policies going forward.

Impact #3

The company now has visibility into all their applications, something they did not have before, and are able to utilize that information to make policy decisions.

Benefit #1	In three short months, SecureITsource completely removed local administrative rights from all the company’s user-facing endpoints.

Benefit #1

In three short months, SecureITsource completely removed local administrative rights from all the company’s user-facing endpoints.

Download PDF Version

Overview

Secureitsource

Operational Impact

Quantitative Benefit