Rockwell Automation implements PAM without sacrificing productivity

Innovative Industrial Automation Provider Utilizes CyberArk to Manage and Standardize Privileged Access.

Project Manager and IT Engineer Having Discussion In the System Control Room

Company profile

Founded in 1903 and headquartered in Milwaukee, Wisconsin, Rockwell Automation Inc. provides industrial automation and digital transformation solutions in the United States and internationally. The company operates in three segments, Intelligent Devices, Software & Control, and Lifecycle Services.
– Employees: 23,000
– Annual Revenue: $6.69 billion USD

Challenges

Secure Privileged Accounts, Automate Password Management and Provide Metrics For Success

One of Rockwell Automation’s most important IT priorities was to proactively identify the privileged access risk while ensuring that all accounts complied with regular but flexible password policies. With multiple employees, servers, privileged accounts and password policies established across their platforms, standardization and control would be imperative to ensuring that Rockwell identified and mitigated the risks associated with unmanaged privileged accounts. The company sought a solution to enforce and automate role-based privileged access control and policies in order to secure accounts, mitigate password vulnerabilities and support audit and compliance requirements such as those defined within Cobit’s DS5.4 User Account Management.

Moreover, reflective of Rockwell’s process- oriented business, the company required detailed access to metrics that demonstrated the extent of privilege access vulnerabilities, including any risks associated with unmanaged accounts and administrative rights.

Solutions

Implementing Security Best Practices: Achieving Business Continuity By Automating Privileged Access Management

For Rockwell Automation, the only solution considered was the CyberArk Privileged Access Manager Solution. After analyzing the product, Rockwell immediately recognized that the CyberArk solution enables a proactive and automated approach to privileged access management—ensuring security best practices across multiple IT teams and both Windows and Unix environments. Moreover, further supporting best practices and business continuity, Rockwell was able to integrate the CyberArk solution with existing security tools, including vulnerability management for deeper, authenticated scans and collection of privileged activity within their Security Information and Event Management (SIEM).

In just two months, thanks in part to CyberArk’s technical resources, the company was able to fully implement the solution. With solid role definitions integrated with SailPoint’s IIQ suite, Rockwell was able to reduce operational costs by improving the onboarding process and streamlining privileged access through CyberArk’s Privileged Access Manager Solution.

“CyberArk has delivered excellent product features, which are streamlined to scale throughout the organization,” commented Jayne Little, Information Security Engineer (Privileged Access) at Rockwell Automation. “CyberArk’s solutions have proved much faster to deploy than other security tools, giving us good quality insight within a short time period.”

Risk Identification and Assessment: CyberArk’s Auto-Discovery Tools Enable A Holistic Understanding Of Rockwell’s “Privileged” Risk

Another important component of Rockwell’s deployment involved the company’s focus on organizational risk identification and assessment. With the CyberArk solution, Rockwell can proactively identify and assess security vulnerabilities and risks in near real-time.

This functionality also includes, of course, the ability to identify and automatically provision privileged accounts through CyberArk’s auto-discovery capabilities. With the CyberArk Privileged Access Manager Solution, the company can also establish and meet metrics by identifying, managing, securing and provisioning all privileged accounts in a regular and controlled fashion, while also guaranteeing that privileged credentials adhere to defined security policies to better manage and assess risks associated with privileged accounts.

The company also plans to deploy CyberArk’s Discovery & Audit (CyberArk DNA™) solution to complement the Privileged Access Manager Solution and scan and analyze privileged accounts across their networks to develop a more complete understanding of the security risks that privileged accounts present to their IT environment.

Results

Standardization, Control And Collaboration— A Unique And Productive User Experience

Most importantly, since implementation Rockwell has met their primary goals: standardization, control and cross-team collaboration. CyberArk creates a unified accountability and control point over all privileged accounts. In addition, Rockwell has established security best practices across their computing environments, including a renewed focus on regular inventory “clean up,” as well as automated password change policies based on pre-defined rules. In terms of collaboration, the CyberArk solution has satisfied Rockwell’s requirement of an agile solution that can be deployed and accessed across multiple teams.

“We view our relationship with CyberArk as a partnership. Their technical expertise enables our team to look at our security problems in new and different ways— essentially providing us with quality insight in short time periods to ensure security best practices.”

– Jayne Little, Information Security Engineer (Privileged Access), Rockwell Automation

Rockwell continues to achieve business continuity by automating this password management process and providing IT admins with personalized workflows for quicker access, improved usability and greater operational efficiency. Finally, it is important to convey that CyberArk’s solution provides Rockwell with an unprecedented level of visibility into their security risks. No matter the function of the employee—risk, compliance, security and/or IT—Rockwell’s team continues to engage with the product to identify new problem areas, risks and potential solutions. This usability continues to increase demand for CyberArk’s solutions across their organization.

Key benefits

  • Standardization and automated password management for reduced risk around privileged accounts
  • Enforcement of role-based privileged access control while creating smoother work processes
  • Proactive management of privileged access, accounts and activity—enabling audit

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey