Download PDF
Milliken & Company Enhances Security Protocol with CyberArk Endpoint Privilege Manager
Technology Category
- Cybersecurity & Privacy - Endpoint Security
- Cybersecurity & Privacy - Application Security
- Infrastructure as a Service (IaaS) - Cloud Computing
Applicable Functions
- Business Operation
- Quality Assurance
Services
- System Integration
- Cloud Planning, Design & Implementation Services
The Challenge
Growing both organically and through acquisition since 1865, Milliken amassed unprecedented intellectual property, which has powered much of the company’s success. It has also presented challenges to protect that information and mitigate risks presented by the modern IT environment. Privacy and data security were a top priority. With the company operating more than 50 locations around the world, they needed a solution that could cover every endpoint and scale with the growing company. Amidst a current landscape of large breaches occurring at other companies, Milliken’s desire to protect its associates and its intellectual property led them to perform an internal security assessment, which included hiring a third-party security consultant to independently evaluate their environment. The assessment’s outcome demonstrated to the Milliken security team that changes were needed, leading to new security policies for managing this global IT environment. At Milliken, end users were running with full administrative rights on their company devices. A goal was established to eliminate this high risk and only allow certain individuals to have elevated privileges and only for specific applications and functionality. Along with establishing least privilege, the company sought better capabilities to govern application control. To ensure that users continued to have the freedom needed to do their jobs effectively, the right solution needed to balance the needs of the business around innovation but also minimize risk to the company and brand.
About The Customer
Milliken & Company, a diversified global manufacturer, has a long-standing heritage of exploring, discovering, and creating ways to enhance people’s lives. For more than 150 years, innovation has led the way combining science with meaningful design and insights. With a knowledge-based investment approach, Milliken employs more than 100 PhDs and has accumulated more than 5,000 worldwide patents. Across more than 35 manufacturing plants located in the U.S., U.K., Belgium, France, China, India, and Australia, and sales and service operations throughout the Americas, Europe, and Asia, more than 7,000 Milliken associates required a security solution that could scale and mitigate risk to enable them to continue to deliver on the Milliken promise to add true value to people’s lives, improve health and safety, and make this world more sustainable.
The Solution
Milliken chose CyberArk Endpoint Privilege Manager to deliver a global solution across every endpoint in the company. According to Ken Brown, Chief Information Security Officer for Milliken, 'We needed to critically address three security requirements from a global perspective: least privilege, patch management and application control; CyberArk Endpoint Privilege Manager covers two of these for us very nicely'. CyberArk Endpoint Privilege Manager enables the company to detect and apply granular level control to all policies and establish standard users without administrative privileges – a key requirement for selecting the privilege management product because it eliminates a large portion of the risk they were currently facing. 'CyberArk Endpoint Privilege Manager gave us that visibility to plan and prepare the organization to move to standard user. Furthermore, running Endpoint Privilege Manager in monitor mode allowed us to capture the applications in use today. With this visibility, CyberArk Endpoint Privilege Manager allowed us to create policies for reputable applications needed for business while blocking all unknown and unauthorized software. With these policies in place, we were able to switch to blocking mode with a high degree of confidence' Ken continued. Rolling out CyberArk in a phased approach also ensured Ken and his team that these security controls were accepted by the company and enabled a complete global rollout in under six months. To enable end users to have creative freedom, Milliken leveraged a feature in CyberArk Endpoint Privilege Manager which defined permitted applications through a trusted-sources model that ensured only known applications were entering onto workstations and laptops. CyberArk Endpoint Privilege Manager has a capability to manage assets on and off the network as well as determine reputation scores for every application and its related files. With Cyberark, allowing only authorized changes to the environment was now a reality regardless of where the end user was operating.
Operational Impact
Quantitative Benefit