下载PDF
IT Services Company deploys CyberArk Viewfinity to reduce the attack surface on endpoints by limiting local administrative privileges for business users.
技术
- 网络安全和隐私 - 端点安全
- 网络安全和隐私 - 安全合规
适用功能
- 商业运营
服务
- 系统集成
- 网络安全服务
挑战
Protecting the privacy and security of data is a top priority. The company’s highly diverse IT environment runs multiple Windows platforms, and more than 85% of end users had administrative rights to their machines which was a security risk. To reduce the attack surface, the company was compelled to rewrite IT security policies in support of removing administrative rights from business users on endpoints. Ultimately, the goal was to implement the new IT security policies with the least disruption to and resistance from end users, while doing so in the most cost effective way possible. Due to the company’s IT environment and the applications supported, it was critical to have the ability to define a specific application to run with elevated rights without having to give the same rights to child processes.
关于客户
An IT Services Company with more than 100 locations globally provides responsive engineering services and technical support to its customers worldwide. The company has federal contracts also provides simulation-based tools and services for training, mission planning, rehearsal, after-action reviews, virtual reality command and control and engineering analysis.
解决方案
CyberArk Viewfinity enables the company to apply granular-level control to all policies, including the ability to define which applications are allowed – a key requirement for selecting the privilege management product. The admin console is simple to navigate and allows significant changes to the operating environment quickly. The built-in flexibility creates a multidimensional approach to common access control issues, ranging from which users can install and run what applications (and restrict child processes) to identifying an allowable time of day for a user to access information. From a performance perspective, the CyberArk Viewfinity agent processes take up less than 1.5 MB of memory, and there has not been any noticeable impact on the network. The solution was installed and up and running in half a day. In approximately two weeks, all the newly written application control policies, including policies for users that required ActiveX and desktop functions requiring elevated permissions, were created, propagated, and active on all of the workstations. Since 95% of the privilege escalation needs were known, most policies were established and implemented during the initial project rollout phase. For exception circumstances, the company uses CyberArk Viewfinity’s Policy Automation feature that streamlines privilege elevation requests from end users with automated workflow approval for the IT administrators.
运营影响
数量效益