Kainos protects critical customer data with CyberArk Endpoint Privilege Manager on 4,000 endpoints worldwide

UK Technology Business has deployed CyberArk Endpoint Privilege Manager to help control local admin rights across 4,000 Windows and Apple laptops

KAINOS PROTECTS CRITICAL CUSTOMER

Summary

Kainos, a UK headquartered digital technology company, has grown over the last few years to become a global business with a team of over 3,000 people across 22 countries. Having a global workforce presents a security challenge to organizations like Kainos. Members of the team have access to sensitive data and need to be able to work remotely and from client locations. The company brought in CyberArk to improve security, reduce risk, and help Kainos provide excellent data control for their customers.

Company profile

Kainos exists to transform the way people work, by helping customers to solve their biggest challenges and perform at their peak. Through three divisions – Digital Services, Workday Services and Workday Products – Kainos works with clients across healthcare, commercial, and the public sector. The company is listed on the London Stock Exchange (KNOS).

Employees: 3,000

Challenges

When Head of Information Security Mark Magill joined Kainos his first challenge was to assess the current set up. “My first challenge was to address the security of company property. It’s hard when you have people travelling the globe with laptops and devices, and they all need to use a wide variety of applications”, said Mark.

For a rapidly growing, global business like Kainos it’s important to keep up to date with best practice in cyber security. Mark explains “People had been able to choose which applications they needed to use, they could download and install applications themselves, while that made it easy to get the job done, it’s not ideal from a security perspective. With a huge team of people, that can bring a huge variety of applications, we audited the size of the challenge and found 50,000 different applications in use globally”.

At Kainos the importance of data security cannot be overstated as Mark explains “Our teams often work from client locations, as we work as one team with customers to tackle issues. We have access to sensitive information and our customers rely on us to protect their data.

Moreover, like many organizations, Kainos is under constant attack from threats like phishing, fake Office 365 password reset scams and targeting LinkedIn for new starters.

Solutions

Under Marks direction, the security stance at Kainos has been transformed with a centralized security information solution stack that brings together several security layers such as always-on VPN, endpoint detection and response, vulnerability management and anti-virus. To address the area that most concerned Mark, Kainos has deployed CyberArk Endpoint Privilege Manager across all 4,000 endpoints.

CyberArk was chosen because it made controlling local admin rights and applying just-in-time admin access quick and easy. Policy flexibility and role-specific least privilege framework were also important because Kainos has a mix of different users, from developers and business staff to senior executives who need different access rights. For instance, Mark does not want to hinder access for the company’s large developer team which needs to use specific applications. While CyberArk restricts and controls local admin, Mark wanted a solution that would improve security, but still be able to grant temporary admin access quickly.

“We chose CyberArk because it is pretty straightforward to use,” added Mark. “At the time, the team was still being formed so having a tool that is intuitive was essential. Also, CyberArk lets you allow and block applications. With over 50,000 applications, we could simply click a button and block one or a whole group of applications.”

The IT environment at Kainos is predominantly Windows and Azure with Office 365, and AWS for customer-facing projects. However, endpoints comprise 40% Windows and 60% Apple devices with CyberArk supporting both platforms.

Deployment of CyberArk was done mainly in-house with some support from CyberArk Consulting Services and consultancy from CyberArk business partner Truststream.

Results

“Now that we have CyberArk in place, there is no going back,” said Mark. “We have removed local admins and developed new processes, so it is well embedded in how we operate and how we perform our security functions.”

Kainos has seen its cybersecurity improve significantly because of the proactive measures it has put in place. CyberArk, specifically, increases visibility of applications so that Mark knows exactly which applications are running on each laptop.

“While cost savings as a result of tools like CyberArk are hard to measure, we have certainly benefited from a reduction in cybersecurity risk which has translated to lower insurance costs,” added Mark.

“We have had instances of CyberArk stopping ransomware attacks, so there is the cost avoidance where we have detected and stopped malicious software on the endpoint.”
Mark Magill, Head of Information Security, Kainos

A key benefit of CyberArk is solving common problems quickly and easily and maximizing limited security resources. For example, when a user requests to run an application with elevated privileges, Mark can use a portal to quickly verify the application and grant access for one-time elevation or allow the user to elevate without creating requests going forward if that application is needed on a regular basis. CyberArk also enables Just-In-Time (JIT) admin access – when a user is temporarily added to local admin group and then local admin rights are automatically revoked. Mark has created workbooks for level one helpdesk staff so that when they get a local admin request, they can quickly provide JIT access without needing any CyberArk expertise. “This is a really big win for the security team, because we do not need to be involved in every ticket that comes in,” explained Mark. “This is saving a lot of our time and means access is being provided to users almost instantly.”

Deployment of tools like CyberArk are increasingly important in meeting security assurance demands from customers and insurance providers. “Because of the type of work we do, many customers now demand certain levels of cybersecurity control. Using a solution like CyberArk means we can give our customers the confidence they need to know they can trust Kainos with their data”.

As with many security tools, introducing new policies can mean significant changes in working practices for users. “Initially, users thought we were going to make it harder for them to access the tools they need to complete tasks, but that wasn’t the intention at all”, recalled Mark. “Through education and training, we demonstrated the reasons and benefits and gained buy-in. We ran pilot groups, built profiles, and developed policies that accurately reflected user needs, adopting a collaborative approach rather than an imposition. CyberArk was key because it makes elevating privileges almost transparent to the end user.”

“Getting to where we are today, and the direction we are travelling in with solutions like CyberArk, is a significant achievement,” concluded Mark. “I started with a team of two and now we are 12 across Information Security and we have completely transformed our endpoint security, delivered a host of new solutions, improved our whole security stance and most importantly our user experience. Personally, that is something that makes me proud.”

Key benefits

  • Transforms endpoint control and security
  • Makes it easy to remove, manage and temporarily grant admin rights
  • Enables role-specific least privilege
  • Helps reduce cybersecurity insurance costs
  • Ensures endpoint protection without restricting user efficiency
  • Eases introduction of new security rules

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey