Pension fund transforms operational efficiency and protection of digital assets

Leading Asia-Pacific region pension fund enhances user experience and security using CyberArk.

Focused young businessman holding video call with clients

One of its country’s largest pension fund providers, this company has been a household name in the region for many decades.


Hundreds of thousands of members entrust their retirement savings to the oversight of this highly respected company. With members being core to every aspect of the business, ensuring the integrity of sensitive data is mission critical. A revitalized IT environment, strict financial regulations creating complex compliance requirements and increased security awareness were the catalysts for an in-depth review of the company security, especially privileged access management (PAM).

A Complex and Expanding Environment

To improve services, reduce costs and increase business efficiency, a digital transformation initiative was launched that embraced a cloud-first, mobile-first strategy. Previously outsourced services were brought in house and most infrastructure transferred to a multi-cloud environment, using Microsoft Azure and AWS. As things evolved, the IT team jumped from seven to over 140 employees.

To ensure this expanding and increasingly complex environment is adequately secured as it grows and expands, a three-year strategic roadmap was put in place to focus on improving identity governance, along with administration and privileged account management.

A veteran cybersecurity business consultant at the company, elaborated, “We have a holistic vision for privileged account management beyond just the traditional password vault. Using a secure vault doesn’t address the real pain points of the business, such as improving fundamentals like operational efficiency and the end-user experience.”


CyberArk Operational in One Month

The in-house IT team carried out a thorough market review and elected to partner with CyberArk.

“CyberArk is highly respected throughout the industry and the company’s approach closely aligned with our own vision for PAM. It was the right solution for us to instill the rigor and discipline around privileged access that we needed.”

– Cybersecurity Business Consultant, Asia-Pacific Pension Fund

In just one month, CyberArk Privileged Access Manager Self-Hosted and Conjur Secrets Manager Enterprise were deployed across the multi-cloud environment. The company built a development environment to test PAM components and capabilities before production rollout. This involved bringing passwords into CyberArk Vault, establishing secure connections, and rotating credentials. From there, development focused on building a library of reusable patterns, connection methods, and use cases that could be readily reapplied to other parts of the business, including, importantly, secrets management within the automated DevOps build process.

Swift and seamless deployment proved critical in enabling the challenges of the COVID-19 pandemic to be effectively navigated. With CyberArk in place weeks before lockdown, staff members were able to work remotely and securely on essential business systems and applications without interruption.


Making the PAM Vision a Reality

“We see CyberArk as an innovator and leader in the PAM marketplace. The caliber of skills and resources are fantastic. CyberArk’s value-add is not just about products; It’s also about the strength of our partnership – the ability to talk through, weigh up options, and solve problems – that makes a world of difference. The partnership has been instrumental in our ability to execute our vision,” enthused the cybersecurity consultant.

With CyberArk, the company more effectively addresses auditing and compliance requirements, and has increased operational efficiency by as much as 80 percent. The consultant remarked, “One particular platform build regularly used to take over 40 minutes. By leveraging CyberArk for all credential duties, we’re now able to complete everything in three minutes. Today, we have integration across the entire DevOps process, and everything is seamless and more operationally efficient.”

As with many PAM initiatives, a key challenge had been getting people in the company to accept change and to do things differently. The security team put multiple strategies in place to overcome the cultural inertia, including a “train hard, train early” approach, making executive sponsorship very visible and being very responsive about incorporating user feedback into the deployment.

“The technology is not the hardest part of implementing a PAM solution; It’s moving people’s mindset away from old behaviors and towards new and more secure best practices,” commented the cybersecurity expert. “We needed to show the business that change is good and how we can increase productivity while also enhancing security. Understanding objections and winning people over – along with the speed, efficiency and performance of CyberArk – were fundamental to our success.”

“CyberArk gives us the ability to execute much more rapidly. Implementing CyberArk has removed a lot of the overhead from our team and is letting us execute on the business-critical commitments we’ve made to our stakeholders.”

– Cybersecurity Business Consultant, Asia-Pacific Pension Fund

The organization continues to praise CyberArk as an easy tool that is “invisible to users” and “functionally solves a long-term problem.” Just as importantly, the company can now demonstrate to their customers that their Smart Card-enabled accounts are secure and protected from theft and abuse.

Key benefits

  • Increased operational efficiency by as much as 80 percent
  • Simplified compliance processes with comprehensive security and on-demand access for audit trails
  • Created a holistic PAM program that quickly delivered company-wide protection
  • Minimized window of exposure with a one-month deployment across multi-cloud environment

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey