Transportation leader takes an identity security-first approach to shape its digital transformation

Global Provider Partners with PwC, CyberArk and SailPoint to Implement a SaaS-based Identity Security Platform

Company profile

A global transportation organization recognized the need to align its security strategy with changing business needs, market dynamics and ongoing concerns of cyberattacks but didn’t know where to start. The existing solution was not in step with the organization’s digital transformation strategy and cloud-first commitment. The situation was compounded when the global pandemic hit and forced a massive shift to remote work. They needed a modern, scalable identity security service that was quick to deploy, easily scalable and agile enough to keep pace with business growth. Click here to download the PDF version of this story

Challenges

Led by the planning efforts of the Chief Information Security Officer (CISO) and their security team, key priorities were identified before undertaking this transformation:

• Protecting the nearly 100-year-old globally recognized brand

• Securing and governing the identities of remote and on-site workers employed throughout 150+ countries and geographically dispersed retail locations

• Moving the company confidently through its digital transformation while ensuring users had access to business-critical resources

• Leveraging solutions that embraced the benefits cloud deployment had to offer

Remote Work Accelerates Digital Transformation

With the foresight of the CISO and their team, they realized the onset of the pandemic was creating massive access challenges for the organization. They were adapting not only to the situation, but also reactively responding to the cyberattacks that ensued and quickly realized the need to secure their users for new work-from-home environments.

The organization, needing to get remote users onboarded quickly while also continuing to access business critical applications, took bold steps to evaluate new approaches to quickly help the organization address identity security throughout its digital transformation.

Knowing on-premises solutions can take years to deploy, the organization did not have the time to design, develop, and manage their own internal architecture and infrastructure—not to mention host it. Assessing the right solutions would give the CISO the ability to quickly deploy and show value back to the business.

Solutions

Securing the Future

To help the organization address its priorities, PwC was engaged to develop a cybersecurity strategy and implement a modern Identity Governance and Administration (IGA) and Privileged Access Management (PAM) program. By securing IT administrators with highly privileged access, the organization could better protect against cyber attackers targeting users with direct access to the sensitive data that drives its business and systems. While on-premises solutions were considered, the organization’s cloud-first commitment brought SaaS to the forefront of implementation options. SaaS presented more opportunities for the company to secure and enable the business quickly and engage customers and deliver services within its own business while keeping systems up and running and users working – all while moving to a hybrid environment.

Identity, Access and True Business Impact

The organization’s extensive network of retail locations includes many users across the globe, which means thousands of identities with access. The nature of retail operations brings with it high employee turnover. The business needed to enable access to resources in a way that reduced risk while also boosting productivity. New employees needed immediate access to role-essential applications so they could be as productive as possible as quickly as possible. At the same time, the organization needed a way to remove access just as quickly when an employee departed so that they did not have the ability to continue accessing applications, thus creating increased business risk.

SailPoint’s Identity Security Cloud automates the onboarding of new users and the creation of new accounts, and then executes a workflow to disable or delete access upon their departure.

In addition to creating a simplified process, by eliminating the manual tasks associated with the creation and deletion of users, the IT organization can also benefit from a reduction in the resources and time needed to manage the process. By leveraging automation, IT can create a user in minutes instead of days or weeks, which enables new employees to be productive quickly. It also helps mitigate the risks, compliance and operational gaps associated with the management of digital identities.

CyberArk Privilege Cloud helps protect, control, and monitor privileged access across the company’s on-premises, cloud and hybrid infrastructures. Prior to implementing CyberArk Privilege Cloud, the organization had no system in place to determine whether critical assets were securely managed, protected or changed. Today, critical assets can be secured because passwords cannot be reused or compromised, even for shared accounts.

Results

By integrating CyberArk Privilege Cloud and SailPoint IdentityNow into a single SaaS solution, organizations are able to reducing complexity while boosting business value:

Reduce Burden.
Stakeholders, including application teams and platform owners, receive a full view of the overall solution to streamline information gathering, development, and change management while reducing the burden on business stakeholders. Touchpoints with stakeholders can be reduced up to half, freeing those resources to focus on the business.

Realize value sooner and for less.
An integrated SaaS solution saves time by creating one design, working with stakeholders once upfront, and deploying infrastructure together.

Streamline infrastructure setup.
By combining integration and operationalization of on-premises gateways and other systems, the company could prevent duplication of effort when setting up infrastructure and deploying new networking and firewall rules.

Create standardized design specifications. Considering the details of both solutions together saves oversight in areas such as naming conventions, metadata availability, and more.

Prioritize high risk use cases.
Rather than dramatically maturing one area of risk via IGA or PAM while leaving another risk unaddressed, an integrated SaaS approach tackles baseline maturity across a range of high-risk areas.

Integrate multiple platforms and accounts. One client was able to integrate 5 platforms and 700 accounts across those platforms.

PwC, CyberArk and SailPoint worked closely together to understand the organization’s business needs and deliver an integrated IGA and PAM solution that aligned with a progressive transformation strategy. With these foundational building blocks in place, this global brand confidently shaped its digital transformation on an identity-security-first, SaaS-based approach.

Key benefits

Taking a holistic approach to enterprise identity security, with IGA and PAM solutions working together to deliver an integrated solution and service offering, empowered the organization to:

• Close security gaps
• Reduce risk
• Eliminate redundant processes
• Keep users secure

About PwC
At PwC, our purpose is to build trust in society and solve important problems. Our experience includes more than 300 successful identity solutions delivered, with teams who have operated in some of the largest and most comprehensive IAM infrastructures in the world. Find out more and tell us what matters by contacting us today. www.pwc.com/us

About CyberArk
CyberArk is a global leader in Identity Security. Centered on privileged access management, CyberArk provides security offerings for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. Leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit www.cyberark.com.

About SailPoint
SailPoint is a leader in identity security for the cloud enterprise. With identity security solutions securing and enabling thousands of companies worldwide, SailPoint gives customers visibility into the entirety of their digital workforce, helping to ensure that workers have the right access to do their job — no more, no less. To learn more about SailPoint, visit www.sailpoint.com.

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey