IIFL Group elevates endpoint protection and streamlines compliance with CyberArk

Summary

Endpoints are almost always the epicenter of breaches – and with complete administrative rights on their workstations, IIFL Group developers were the prime target for attackers. A strong foundation in cybersecurity was paramount to IIFL group’s success, and CyberArk Endpoint Privilege Manager (EPM) provided the company the capabilities to do so.

Using CyberArk EPM, IIFL group reduced their attack surface without affecting workforce productivity, streamlined compliance processes, and ensured a hassle-free user experience for their security teams.

Company profile

The IIFL Group encompasses several companies: IIFL Finance, IIFL Securities, 5Paisa, and Livlong.

IIFL Finance Limited stands out as a key player in India’s financial services sector. Alongside its subsidiaries— IIFL Home Finance Limited, IIFL Samasta Finance Limited (formerly Samasta Microfinance Limited), and IIFL Open Fintech Private Limited—it offers a diverse array of loans and mortgages. These include home loans, gold loans, business loans (including loans against property), microfinance, medium & small enterprise financing, developer & construction finance, and capital market finance. Catering to both retail and corporate clients, the company boasts a nationwide presence with a robust network of 2600+ branches across 500+ cities. The assets under management amount to ₹64,638 Cr, and it maintains a credit rating of #AA Stable by CRISIL. With a workforce of 33,910, IIFL Finance is dedicated to fostering a positive work environment.

IIFL Securities is recognized as one of India’s largest independent full-service retail and institutional brokerage houses. Additionally, it serves as a leading investment advisory firm in the country, providing diversified financial services and products to a wide range of clients. These clients include corporate entities, institutional investors, foreign portfolio investors, mutual funds, insurance companies, alternative investment funds, trusts, high-net-worth individuals, and retail investors. Serving over 3 million customers, IIFL Securities operates through a network of approximately 2,500 points of presence across branches and business partners in more than 500 cities.

5paisa.com operates as an online financial platform and discount broker, offering a cost-effective solution for users to trade and invest in various financial instruments, including stocks, commodities, currencies, and mutual funds. The platform provides a comprehensive suite of financial products and services, enabling users to trade and invest in stocks listed on Indian stock exchanges (BSE and NSE), commodity derivatives, currency derivatives, and mutual funds. The mobile trading app offered by 5paisa.com allows users to trade and invest on the go, providing real-time market data and research reports.

Both group companies, IIFL Securities and 5Paisa.com, are recognized as Qualified Stock Brokers (QSBs) by meeting stringent regulatory guidelines set by market regulator SEBI.

Livlong 365 Protection & Wellness Services operates based on the concept of Payvidor, integrating a robust Payer-Provider solution as an integral part of its system. This approach allows Livlong 365 to offer a comprehensive healthcare experience. The system is built on the principles of transparency, a widespread network of dependable infrastructure, 24/7 availability, and a personal touch with compassion to understand healthcare needs. With a network of 6000+ doctors, coverage in 19000+ pin codes, partnerships with 30+ NABL Accredited Labs, and over 11.7 Lacs+ happy customers, Livlong 365 strives to provide a holistic healthcare ecosystem.

Challenges

IIFL and its group of companies were dealing with a three-pronged challenge.

VP and Group Head of Cyber Security at IIFL Finance Ltd, Ameya Sathye, noted these hurdles could disrupt IIFL’s operations and the services it provides to customers.

1. Vulnerable developer endpoints: IIFL’s developers had standing administrative rights on their endpoints, making them lucrative targets for threat actors. A single compromised developer identity could put them at risk of confidential data loss, injection of vulnerabilities, and malicious software installations that can wreak havoc on the developmental platform. The only way to mitigate these risks was to regulate and limit the privileges developers had at any given time without affecting their productivity.

“Endpoints and workstations are the gateway to everything we do. It’s how we access business applications, DevOps environments, code, customer data, and our infrastructure. Managing privilege across endpoints is foundational.”
–– Ameya Sathye, VP & Group Head of Cyber Security

2. Inefficient compliance processes: Cumbersome compliance practice was another major challenge the organization wanted to overcome to save time and resources. As a business–to–consumer (B2C) organization in the financial sector, meeting compliance and regulatory needs was critical to growing their market share and winning customer loyalty. Their existing processes were time-intensive, fatigue-inducing, and likely to fail in the face of stringent external auditing.

3. Difficulty implementing a least privilege framework: Enabling least privilege isn’t as simple as removing local admin rights for all identities. In fact – it’s ensuring all identities have access to the resources they need at the right time without impacting workforce productivity. This calls for meticulous and dynamic access provisioning that only an integrated identity security approach can provide.

Solutions

IIFL implemented CyberArk Endpoint Privilege Manager (EPM), an all-encompassing endpoint privilege security solution that addressed their pain points. With dedicated controls for security teams to secure developer endpoints, CyberArk EPM helped:

• Control and manage access to sensitive data and applications.
• Prevent unauthorized software installation.
• Protect their development platform from malware, including ransomware.
• Increase visibility into the levels of access developers had across the organization.

The solution worked by interlocking three core capabilities: endpoint privilege management, application control, and credential theft detection and blocking. This allowed IIFL to automatically elevate privileges for approved applications based on policy, require user reauthentication for specific tasks, and block and alert on suspicious activities. CyberArk EPM also secures credentials stored in the operating system and third-party applications credential stores and secures the web browser, blocking cookie theft and session hijacking, password dumping, and browser memory dump and analysis.

Commenting on the marked benefits of this transition, Ameya said, “CyberArk Endpoint Privilege Manager provides us a comprehensive way to reduce risk and implement role-specific least privilege across our endpoints, especially our developers’ workstations. Leveraging its reporting and analytics capabilities gives us a comprehensive view of privileges used across the organization and simplifies how we satisfy compliance requirements.”

Results

The implementation of CyberArk EPM saw the developers of IIFL operate with greater ease and autonomy, with their endpoints secured with intelligent threat protection. The platform’s ability to automate elevations of applications plays a pivotal role in reducing IT helpdesk burden while safeguarding enterprise resources.

“CyberArk EPM has helped us improve our endpoint security strategy. We have been able to implement least privilege policies for our developer’s workstations with ease and efficiency. CyberArk EPM has also improved our administrators’ experience. We are very satisfied with CyberArk’s product, support, and service.”
–– Ameya Sathye, VP & Group Head of Cyber Security

CyberArk EPM also helped IIFL adhere to security best practices and readily satisfy compliance, which continues to boost the brand’s reputation amongst customers and partners. More importantly, security was not compromised for the sake of productivity.

Key benefits

• Achieve measurable risk reduction by enforcing least privilege
• Secure their digital transformation by preventing malicious injection of vulnerabilities in digital platforms. Streamline compliance by aligning to security best practices and creating audit trails for identity and privileged events
• Enhancement of reputation and trust among customers and partners