GCI Stays Ahead of the Compliance Curve with PowerBroker Identity Services

• 应用基础设施与中间件 - API 集成与管理
• 网络安全和隐私 - 身份认证管理

• 电信

• 商业运营
• 人力资源

• 网络安全
• 基础设施检查

• 软件设计与工程服务
• 系统集成

General Communications, Inc. (GCI) is a premier integrated telecommunication provider that has grown significantly over the years. As the number of users grew from less than 500 to over 2,600, compliance and monitoring user access became a priority. The company had large teams of administrators with generic user accounts, which made it difficult for IT management to tie a specific change to an individual user. Motivated by Sarbanes-Oxley, GCI’s IT team set out to improve their security posture through management of users, privileges and access to servers, applications and data. New requirements, specifically the SOX Section 404’s Internal Controls Report, came with threats of $1 million dollar fines if companies were found non-compliant. The IT Security Management team took control of root admins and established preemptive guidelines for what junior and senior admins could access. They quickly realized they needed a solution that could deliver a scalable method for managing user access while offering traceability and verification at a granular level.

General Communications, Inc. (GCI) is a pioneer in technology, providing voice, video and data communication services to residential, commercial and government customers. Founded in 1979, GCI introduced long-distance competition to Alaska and has since grown to be one of the nation’s premier integrated telecommunication providers. GCI’s services are connected through company-owned fiber optic, satellite and metropolitan area network facilities to the Lower 48 states. This broadband platform is the only one of its kind in Alaska and allows the company to provide customized services to the Alaska market.

GCI evaluated and chose PowerBroker for its scalability, logging, audit and policy enforcement capabilities. Once PowerBroker was in place, the IT team wanted to establish native Windows authentication using PowerBroker and Microsoft Active Directory (AD). By using group policy objects, GCI could easily add Linux servers to the hierarchy, maintain consistent levels of security, leverage flexible sudo policies, and centralize Linux policy enforcement through AD. With PowerBroker, IT can now easily manage user creation, deletion and temporary access from one location, Active Directory, which has significantly improved their productivity and consistency. Additionally, GCI saw an immediate improvement in system build times. Before implementing PowerBroker, the admin team spent several hours, sometimes days, setting up servers manually to ensure the access and security rights fit the enterprise hierarchy. When a new DevOps initiative came along, targeting build requests levels of 10+ new servers a day, automation and the use of PowerBroker allowed the IT team to configure servers as needed.

• PowerBroker Identity Services allows IT to manage all users from Active Directory which significantly improves productivity and easily proves compliance to auditors.
• With PowerBroker, IT can now easily manage user creation, deletion and temporary access from one location, Active Directory, which has significantly improved their productivity and consistency.
• Automation and the use of PowerBroker allowed the IT team to configure servers as needed.

• Reduced system build times from several hours or days to a significantly shorter period.
• Managed to handle build requests levels of 10+ new servers a day.