Download PDF
Lockheed Martin Achieves NIST SP 800-171 Compliance with Netwrix Privilege Secure for Discovery
Technology Category
- Application Infrastructure & Middleware - Data Exchange & Integration
- Cybersecurity & Privacy - Security Compliance
Applicable Industries
- Aerospace
- National Security & Defense
Applicable Functions
- Product Research & Development
- Quality Assurance
Use Cases
- Leasing Finance Automation
- Tamper Detection
Services
- Cybersecurity Services
- System Integration
The Challenge
Lockheed Martin, a contractor/subcontractor of the Department of Defense (DoD), was required to comply with 110 security controls defined in NIST Special Publication 800-171, with a focus on network access and administrator privileges. The company needed to establish a company-wide program to meet the DoD requirements under (DFARS) 252.204-7012. The challenge was to find a highly scalable solution that could integrate multi-factor authentication (MFA) and dynamic privileged access, meet compliance requirements, and minimize impact on ongoing operations. Existing password vault solutions did not provide dynamic privileged access, and building an in-house solution was deemed expensive and time-consuming.
About The Customer
Lockheed Martin Corporation is a global security and aerospace company headquartered in Bethesda, Maryland. The company employs approximately 114,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration, and sustainment of advanced technology systems, products, and services. As a contractor/subcontractor of the Department of Defense (DoD), Lockheed Martin stores, processes, or transmits “covered defense information” and is required to comply with specific security controls.
The Solution
Lockheed Martin adopted Netwrix Privilege Secure for Discovery, which proved to be easier to deploy, more secure, and capable of continuously inventorying the distribution of privileged access across the company’s systems. The solution provided just-in-time access to privileged accounts, stopping lateral movement by assigning privileged access only to the necessary endpoints and for a specific period. The zero-privilege baseline for protected endpoints ensured that compromised accounts could not be used to access systems or move laterally through the network. The solution was deployed within several weeks with minimal disruptions to Lockheed Martin’s 150,000+ endpoints due to its agentless nature. The solution was easy to use, with a responsively-designed web interface and API-first architecture that was easy for DevSecOps, operations, and information security teams to manage.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Airbus Soars with Wearable Technology
Building an Airbus aircraft involves complex manufacturing processes consisting of thousands of moving parts. Speed and accuracy are critical to business and competitive advantage. Improvements in both would have high impact on Airbus’ bottom line. Airbus wanted to help operators reduce the complexity of assembling cabin seats and decrease the time required to complete this task.
Case Study
Aircraft Predictive Maintenance and Workflow Optimization
First, aircraft manufacturer have trouble monitoring the health of aircraft systems with health prognostics and deliver predictive maintenance insights. Second, aircraft manufacturer wants a solution that can provide an in-context advisory and align job assignments to match technician experience and expertise.
Case Study
Aerospace & Defense Case Study Airbus
For the development of its new wide-body aircraft, Airbus needed to ensure quality and consistency across all internal and external stakeholders. Airbus had many challenges including a very aggressive development schedule and the need to ramp up production quickly to satisfy their delivery commitments. The lack of communication extended design time and introduced errors that drove up costs.
Case Study
Developing Smart Tools for the Airbus Factory
Manufacturing and assembly of aircraft, which involves tens of thousands of steps that must be followed by the operators, and a single mistake in the process could cost hundreds of thousands of dollars to fix, makes the room for error very small.
Case Study
Accelerate Production for Spirit AeroSystems
The manufacture and assembly of massive fuselage assemblies and other large structures generates a river of data. In fact, the bill of materials for a single fuselage alone can be millions of rows of data. In-house production processes and testing, as well as other manufacturers and customers created data flows that overwhelmed previous processes and information systems. Spirit’s customer base had grown substantially since their 2005 divestiture from Boeing, resulting in a $41 billion backlog of orders to fill. To address this backlog, meet increased customer demands and minimize additional capital investment, the company needed a way to improve throughput in the existing operational footprint. Spirit had a requirement from customers to increase fuselage production by 30%. To accomplish this goal, Spirit needed real-time information on its value chain and workflow. However, the two terabytes of data being pulled from their SAP ECC was unmanageable and overloaded their business warehouse. It had become time-consuming and difficult to pull aggregate data, disaggregate it for the needed information and then reassemble to create a report. During the 6-8 hours it took to build a report, another work shift (they run three per day) would have already taken place, thus the report content was out-of-date before it was ever delivered. As a result, supervisors often had to rely on manual efforts to provide charts, reports and analysis.