GLOBAL REAL ESTATE SERVICES ENHANCES SECURITY BY INTEGRATING MFA AND PAM CONTROLS

Global Real Estate Services Leverages The CyberArk-Okta Integration To Protect Privileged Access

Global-Real-Estate-hero

COMPANY PROFILE

Focused on empowering independent sales agents to best serve today’s consumers, a leading residential real estate services provider delivers brokerage, franchising, relocation, mortgage and title and settlement services around the globe through its well-known industry brands. A long-time CyberArk customer, the organization recently implemented an additional layer of security to protect its most sensitive privileged account information.

Employees: 288,000

CHALLENGES

According to the 2017 Verizon Data Breach Investigative Report, 81 percent of data breaches involve weak or stolen credentials. Understanding that many cyber attackers focus their efforts on harvesting privileged credentials, the real estate services company has trusted CyberArk for more than six years to protect, control and monitor privileged access to critical information—including 500+ systems and one of its primary data centers.

In the past three years, the organization has accelerated its move to the cloud to improve efficiencies, scale processes, deliver enhanced client services and maintain its edge in the ultra-competitive real estate market. “The cloud is powering a wave of real estate technology disruption,” says the organization’s lead systems engineer “Yet despite its many benefits, the cloud’s multiplier effect has created exponentially more privileged account credentials and secrets that are highly targeted by attackers and need to be properly managed and protected.”

As part of their cloud journey, the organization’s security team sought a way to further enhance security around these powerful, privileged account credentials through an additional, complementary security layer: multi-factor authentication (MFA).

SOLUTIONS

After an exploratory phase, the organization selected Okta to support its comprehensive MFA approach.

“After testing Okta Adaptive Multi-Factor Authentication with Azure and Exchange Online, we were impressed with the reliability and flexibility of the solution and began sending nearly all of our applications to Okta for authentication,” says the systems engineer. Today, employees can access virtually all of their applications—from internally managed applications such as email to externally managed applications like AWS and a third-party benefits portal—through a user-friendly landing page.

The CyberArk Okta integration helped secure and centralize authentication to resources throughout the organization via a single sign-on to the CyberArk solution. The integration was timed with an upgrade to the latest version of the CyberArk Privileged Access Manager Solution.

“Thanks to straightforward documentation and helpful support on both sides, the CyberArk Okta integration deployment was simple and pain-free. It took less than half a day to get up and running.”

Lead Systems Manager, Global Real Estate Services Company

As part of this seamless integration, the CyberArk Privileged Access Manager Solution was added to the organization’s Okta application management dashboard. The CyberArk solution enables the security team to efficiently manage privileged credentials and access rights, while proactively monitoring and controlling privileged activity. Through SAML integration, Okta’s Adaptive Multi-Factor Authentication solution hardens access to the CyberArk Enterprise Password Vault by enforcing MFA policies based on device, user and location attributes. This integral security layer ensures that only authorized privileged users can access their accounts.

RESULTS

The CyberArk Okta integration has helped the organization reduce the risk of a breach due to compromised credentials and unauthorized access. Today, Okta authenticates all users to the CyberArk solution. Real-time security reporting of authentication and access events gives the team additional visibility and insight into user access details.

Through a secure integration to AD/LDAP, CyberArk and Okta provide secure directory integration, allowing admins to set password complexity and customizable policies—helping the team effectively balance security and end-user productivity and experience.

The integration has also helped the organization to automate its provisioning processes. Active Directory security groups now handle provisioning of accounts and delegation of access to the CyberArk solution, which has eliminated manual management and resulted in significant time savings for the security team.

The joint solution has also aided the organization in reducing identity sprawl by restricting access to services via intelligent SAML connections.

Based on this successful integration and its continued, long-term success with CyberArk, the organization has plans to expand its privileged access management program. The team is actively exploring new use cases for CyberArk Privileged Session Manager, which helps isolate, monitor and control privileged access activity, as well CyberArk Privileged Threat Analytics, which helps detect, alert and respond quickly to high-risk activity.

KEY BENEFITS

  • Fast, seamless integration in less than half a day
  • Fully automated, customizable provisioning for users
  • Deep visibility and insight into user access details
  • An additional layer of security for sensitive privileged account information

TALK TO AN EXPERT

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey