Leading insurance company accelerates and secures their digital transformation

Major North American insurer secures mission critical applications running on Red Hat OpenShift.

Leading insurance company

Company profile

A major North American insurance company secures mission critical applications running on Red Hat OpenShift using CyberArk Secrets Manager.

The insurance company uses the secrets management solution to reduce the attack surface, mitigate risk, and accelerate their digital transformation. The solution provides a centralized approach for managing secrets and privileged credentials across the entire application spectrum—from the organization’s hybrid applications to containerized applications running in the cloud.

To make it easier for application development teams to securely provide containerized applications with the secrets and credentials needed to access databases and other sensitive resources, the insurer integrated ServiceNow® with CyberArk Secrets Manager. This provides developers with a self-service solution which has helped the company accelerate their digital transformation while strengthening security.

  • Annual Revenue: USD 25 billion+
  • Employees: 25,000+

Challenges

The insurance company wanted to use DevOps methodologies and containerize thousands of applications to increase business agility, eliminate inefficiencies, and accelerate the pace of innovation. Containerized applications use secrets such as passwords, tokens and SSH keys to gain access to sensitive enterprise resources such as databases, web applications, compute, storage and networking services. The security team recognized that in some other organizations, out of expediency, developers have hardcoded secrets, access keys and other sensitive credentials into applications. Hard coded credential are not only challenging to rotate, but also potentially expose the business to data theft and malicious attacks. The insurer’s information security organization wanted to ensure credentials were removed from code to reduce potential vulnerabilities, such as inadvertently exposing secrets in the code stored on repositories. A key priority was to ensure applications can securely access data bases and other sensitive resources without impairing developer productivity or hindering application delivery.

Solutions

The insurance company selected Conjur Secrets Manager Enterprise to secure its Red Hat OpenShift based applications and CI/CD tools. Conjur Enterprise is specifically architected for containerized and DevOps environments, and lets the company efficiently secure, rotate, audit and manage secrets and other credentials at scale, based on policy.

A long-time CyberArk customer, the insurance company was well versed in the advantages of CyberArk Secrets Manager. By deploying Secrets Manager the company also extends their previous CyberArk investments with the establishment of a common digital vault and single point of control for credentials used by traditional and containerized applications, developers, test engineers, system admins and other personnel.

The company implemented a self-service framework using the ServiceNow IT Service Management platform as a front-end.

Results

Secrets Manager helps the company take advantage of the benefits of Red Hat OpenShift containers without compromising security or agility. The solution helps the insurer accelerate time-to-market, reduce risk, and free up development resources to focus on core functionality. With Secrets Manager, containerized applications gain secure access to Oracle, DB2, and MS SQL Server databases, under the policies and guidelines established by the corporate security organization.

Key benefits

  • Accelerated the business’s digital transformation by centrally managing secrets for applications migrated from on-premise, to containerized and cloud environments
  • Reduced development cycle by simplifying how developers enable applications to securely access databases and other sensitive resources
  • Improved security by natively authenticating and then providing containerized applications with the secrets they require to access databases and other resources.
  • Eliminated secret zero. Automatically rotate secrets based on policy. Simplified removing hard-coded credentials from code.
  • Achieved migration plan of securely providing applications with 1+ million secrets per day using Secrets Manager.

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey