Global financial businesses trust in top IT provider to improve cybersecurity protection

Summary

This IT solutions provider knew that if an attacker had any chance of breaching the company’s cybersecurity defense, comprising identity, and privileged users’ access, would be the way to do it. By investing in CyberArk, the company has set controls to prevent credential theft, stop lateral movement and limit privilege escalation and abuse – making cyberattacks easier to mitigate.

Company profile

This organization’s purpose is to be the “Driver in a Driverless Car” for Global Enterprises by applying next generation design, architecture, and engineering services, to deliver scalable and sustainable software and technology solutions. Customer centricity is foundational to this company and is reflected in their transformation approach which uses the exponential power of cloud and cognitive to provide hyper-personalized digital experience to clients and their end customers. This transformation approach helps ‘shrink the core’ through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Core reference architectures and tools, speed, and innovation with domain expertise and specialization, combined with an integrated sustainability and purpose-led approach across its operations and solutions are key to building strong relationships with its marquee clients.

Employees: 38,000

Challenges

This top Information Technology (IT) solutions provider specializes in cloud and cognitive services, supports financial institutions, insurance, hi-tech, healthcare, travel & transportation, manufacturing and others, where information security is business critical. To further its competitiveness, the company needs to take a proactive approach to cybersecurity to protect its employees, the applications, and the services it delivers to its clients.

The company is under no illusion about where its challenge lies. “Identity Security is either the weakest or strongest link in the chain. If someone wants to do real damage, they will compromise identity, and privileged access will be the first target,” explained its Vice President of Compliance. “The key question is, how do you protect yourself when you are already exposed? That is where the investment in Identity Security and Privileged Access Management (PAM) makes sense. You cannot be 100% secure, so make things as difficult as possible for your adversary.”

Identity Security goes from initiation to termination of user access. “It starts when my identity is created and enabled for access to when I leave the company,” disclosed its V.P. of Compliance. “Our concerns include how soon an identity is deleted once someone leaves, access creeps in when privileges are escalated, or someone moves from one role to another. So, we must be aware and protect the whole Identity Security lifecycle.”

The aim of this cybersecurity journey was to renew, reinvent and improve Identity Security, to gain quicker and greater visibility on how systems were accessed. By introducing modern solutions and strengthening Identity Security, the organization had to ensure that users were not burdened by more complex security tools. “We need to keep security transparency and simplicity at top of mind,” added its V.P. of Compliance. “Naturally, people will find an easier way around complex security. If there is a post in front of you, you will not barge into it; you go around it. In Information Security, being invisible is more important. And if you are invisible to your employees, you are also invisible to attackers.”

What its V.P. of Compliance likes and what drew him into the world of security is dynamism. “Information security is very dynamic. It keeps you active and alert, which is exciting and challenging. The adversaries you encounter are as smart, if not smarter than you, and that increases the challenge. But l love working against someone smarter because I get sharper and learn things about how to stay safe and avoid making mistakes.”

Solutions

The organization conducted an extensive evaluation process based on business needs, tactical challenges, solution capabilities, and industry trends. CyberArk won the evaluation and was the preferred choice due to ease of use. “CyberArk was the best fit for us and gained acceptance from our teams, who found CyberArk a lot easier to work with compared to other tools we evaluated,” recalled its V.P. of Compliance.

The organization has deployed two CyberArk solutions – CyberArk Privileged Access Manager Self-Hosted and CyberArk Secrets Manager Credential Providers – to manage identities and access to business applications. They are used by 1,000 employees, mainly developers and product engineers, and will increase to 2,000 when the solution has been deployed to all its subsidiaries and business users. CyberArk manages access for a wide range of applications on-premises and in the cloud platforms such as AWS, Azure, GCP, and Oracle.

“The reason for bringing in a solution like CyberArk is to enhance our Identity and Information Security,” clarified its V.P. of Compliance. “But things keep changing, and we cannot do the same thing year after year and still think we are safe. It is about how we reinvent ourselves.” CyberArk is being used for just-in-time (JIT), self-provisioning and automated workflow access to applications based on pre-approved security groups based on role and manager authority. CyberArk increases visibility for the SOC team by showing what users are doing.

The company worked with CyberArk and its business partner Value Point for guidance on best implementation practices.

Results

“Security at our organization has enhanced because CyberArk’s Identity Security solutions help us protect all types of identities, both human and machine, and improve visibility. In information security, we cannot protect what we cannot see, but now we can see, capture, and forensically analyze privileged access. That is a huge benefit.”
– Vice President of Compliance, Key Information Technology (IT) solutions provider

One criterion for investing in a solution like CyberArk is the value brought to the business. Besides improving Identity Security, CyberArk has delivered ROI for this organization, and the company expects the solution to pay for itself in less than a year.

The IT staff were conscious of not making life harder for the staff. In fact, because of CyberArk’s ease of use, managing Identity Security has become more efficient and productive. The IT team stated that typical processes like incident detection and remediation are faster and help boost productivity. The V.P. of Compliance manages several security teams at the company but shared he only needs one person to manage CyberArk. “The beauty of CyberArk is I don’t have to build a team to manage the solution.”

CyberArk ensures that the organization meets several compliance standards such as ISO 27001, SOC 1 and 2 and payment card industry (PCI), and contractual obligations with clients. With Secrets Manager Credential Providers, the company can secure access to critical business applications such as AWS, Azure, GCP, and Oracle and meet internal and regulatory compliance requirements. Additionally, CyberArk records how an incident starts, and how and when users activate privileges, providing a clear audit trail. The organization uses CyberArk Monitor to support hundreds of certifications and audits it conducts every year.

In addition to systems and information, the organization also needed to protect the trust established with its customers for professionalism and best practices. The V.P. of Compliance pointed out that because of CyberArk’s reputation and the fact that the company uses it for its own Identity Security and user protection, its position as a trusted partner has been strengthened.

“I am proud of what we have achieved and the speed of execution in all that we have done. With the help of CyberArk, we react, respond and are more proactive. We have invested in solutions like CyberArk ahead of time so that we prevent incidents to safeguard our company and maintain the trust in our organization.”
– Vice President of Compliance, Key Information Technology (IT) solutions provider

Key benefits

• Improves security by protecting identities and providing better visibility
• Delivers ROI in less than a year
• Speeds up incident detection and remediation
• Reduces time spent managing and processing privileged access
• Increases productivity
• Ensures Identity Security tools do not hinder user operations