Download PDF
CyberArk > Case Studies > Princess House Prioritizes PAM-as-a-Service to Reduce Risk and Protect Customer Data—Fast
CyberArk Logo

Princess House Prioritizes PAM-as-a-Service to Reduce Risk and Protect Customer Data—Fast

Technology Category
  • Cybersecurity & Privacy - Identity & Authentication Management
  • Cybersecurity & Privacy - Cloud Security
Applicable Industries
  • Retail
Applicable Functions
  • Business Operation
  • Quality Assurance
Use Cases
  • Remote Control
  • Regulatory Compliance Monitoring
Services
  • Cloud Planning, Design & Implementation Services
  • System Integration
The Challenge
The direct selling industry, which collects billions of personal data points from customers globally, is a prime target for cybercriminals. Beyond personally identifiable information (PII) and payment card industry (PCI) data, they gather other sensitive information such as social security and government ID numbers. Princess House’s information systems and technology (ISIT) team recognized the need to secure privileged access to this sensitive information to preserve customer trust and protect Princess House’s reputation. Before implementing a PAM solution, accounts were stored in password-protected spreadsheets without enforced password rotation, posing a significant security risk. The team initially selected a PAM solution but faced issues with its implementation, which was complicated and lacked a step-by-step guide. The platform was inflexible, requiring all accounts to be managed at once, which was not suitable for their phased approach.
About The Customer
Princess House is a leading direct-sales organization based in Taunton, Massachusetts, with over 200 employees. For over 55 years, the company has been committed to developing quality home goods that make life healthier and more beautiful. The company collects billions of personal data points from customers around the world, including personally identifiable information (PII), payment card industry (PCI) data, social security, and government ID numbers. The information systems and technology (ISIT) team, led by Vice President Bassam Alqassar, recognized the need to secure privileged access to this sensitive information to preserve customer trust and protect the company's reputation.
The Solution
Princess House decided to switch to CyberArk Privilege Cloud, a SaaS solution that provides secure credential storage, rotation, and isolation for human, machine, and application users. The team sought a cloud solution to automate processes and focus on securing privileged access without managing infrastructure. Guided by the prescriptive, risk-aligned Guided Success Plan and supported by a dedicated team of CyberArk experts, the implementation kicked off quickly and smoothly. Within one month, the CyberArk PAM-as-a-service solution was up and running. The initial use case focused on mapping, centrally securing, and controlling access to approximately 600 privileged credentials and service accounts. The team automated privileged credential rotation to strengthen security and implemented session management and recording to audit access to powerful credentials. This approach helps in quickly pinpointing accidental changes, accelerating troubleshooting, and easing potential future audits. The service is deployed in the cloud, eliminating the need to manage additional on-premises infrastructure. The team plans to extend session management capabilities to other critical accounts and systems in the future.
Operational Impact
  • The team can better protect against unauthorized privileged access, impersonation, fraud, and theft by implementing strong PAM controls around their most sensitive assets.
  • Opting for an as-a-service model has provided operational and productivity benefits beyond streamlined deployment.
  • Automating processes like upgrades and patches has been a significant benefit, allowing the team to focus on security rather than infrastructure management.
Quantitative Benefit
  • Within one month, the CyberArk PAM-as-a-service solution was up and running.
  • The initial use case focused on approximately 600 privileged credentials and service accounts.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.