下载PDF
Leading Insurance Company Uses CyberArk to Secure Mission-Critical Applications
技术
- 应用基础设施与中间件 - API 集成与管理
- 应用基础设施与中间件 - 数据交换与集成
- 应用基础设施与中间件 - 中间件、SDK 和库
适用功能
- 商业运营
- 质量保证
用例
- 网络安全
- 预测性维护
- 远程资产管理
服务
- 系统集成
- 软件设计与工程服务
挑战
The insurance company wanted to use DevOps methodologies and containerize thousands of applications to increase business agility, eliminate inefficiencies, and accelerate the pace of innovation. Containerized applications use secrets such as passwords, tokens, and SSH keys to gain access to sensitive enterprise resources such as databases, web applications, compute, storage, and networking services. The security team recognized that in some other organizations, out of expediency, developers have hardcoded secrets, access keys, and other sensitive credentials into applications. Hardcoded credentials are not only challenging to rotate but also potentially expose the business to data theft and malicious attacks. The insurer’s information security organization wanted to ensure credentials were removed from code to reduce potential vulnerabilities, such as inadvertently exposing secrets in the code stored on repositories. A key priority was to ensure applications can securely access databases and other sensitive resources without impairing developer productivity or hindering application delivery.
关于客户
The customer is a major North American insurance company with annual revenue exceeding $25 billion and more than 25,000 employees. The company is a leader in the insurance industry and is focused on accelerating its digital transformation to enhance business agility and innovation. The insurer has a significant number of mission-critical applications running on Red Hat OpenShift and is committed to securing these applications using advanced secrets management solutions. The company aims to leverage DevOps methodologies and containerization to improve efficiency and reduce time to market for new services. With a strong emphasis on security, the insurer seeks to mitigate risks associated with hardcoded credentials and ensure secure access to sensitive resources across its hybrid and cloud environments.
解决方案
The insurance company selected CyberArk Application Access Manager Dynamic Access Provider to secure its Red Hat OpenShift-based applications and CI/CD tools. The CyberArk solution is specifically architected for containerized and DevOps environments, allowing the company to efficiently secure, rotate, audit, and manage secrets and other credentials at scale, based on policy. A long-time CyberArk customer, the insurance company was well-versed in the advantages of the CyberArk Application Access Manager solution. By deploying CyberArk’s secrets management solution, the company also extends its previous CyberArk investments by providing a common digital vault and single point of control for credentials used by traditional and containerized applications, as well as by developers, test engineers, system admins, and other personnel. The company implemented a self-service framework using the ServiceNow IT Service Management platform as a front-end. This integration provides developers with a self-service solution, helping the company accelerate its digital transformation while strengthening security. The solution helps the insurer accelerate time-to-market, reduce risk, and free up development resources to focus on core functionality. With Application Access Manager, containerized applications gain secure access to Oracle, DB2, and MS SQL Server databases under the policies and guidelines established by the corporate security organization.
运营影响
数量效益
相关案例.
Case Study
Remote Monitoring & Predictive Maintenance App for a Solar Energy System
The maintenance & tracking of various modules was an overhead for the customer due to the huge labor costs involved. Being an advanced solar solutions provider, they wanted to ensure early detection of issues and provide the best-in-class customer experience. Hence they wanted to automate the whole process.
Case Study
Improving Vending Machine Profitability with the Internet of Things (IoT)
The vending industry is undergoing a sea change, taking advantage of new technologies to go beyond just delivering snacks to creating a new retail location. Intelligent vending machines can be found in many public locations as well as company facilities, selling different types of goods and services, including even computer accessories, gold bars, tickets, and office supplies. With increasing sophistication, they may also provide time- and location-based data pertaining to sales, inventory, and customer preferences. But at the end of the day, vending machine operators know greater profitability is driven by higher sales and lower operating costs.
Case Study
Predictive Maintenance for Industrial Chillers
For global leaders in the industrial chiller manufacturing, reliability of the entire production process is of the utmost importance. Chillers are refrigeration systems that produce ice water to provide cooling for a process or industrial application. One of those leaders sought a way to respond to asset performance issues, even before they occur. The intelligence to guarantee maximum reliability of cooling devices is embedded (pre-alarming). A pre-alarming phase means that the cooling device still works, but symptoms may appear, telling manufacturers that a failure is likely to occur in the near future. Chillers who are not internet connected at that moment, provide little insight in this pre-alarming phase.
Case Study
Remote Wellhead Monitoring
Each wellhead was equipped with various sensors and meters that needed to be monitored and controlled from a central HMI, often miles away from the assets in the field. Redundant solar and wind generators were installed at each wellhead to support the electrical needs of the pumpstations, temperature meters, cameras, and cellular modules. In addition to asset management and remote control capabilities, data logging for remote surveillance and alarm notifications was a key demand from the customer. Terra Ferma’s solution needed to be power efficient, reliable, and capable of supporting high-bandwidth data-feeds. They needed a multi-link cellular connection to a central server that sustained reliable and redundant monitoring and control of flow meters, temperature sensors, power supply, and event-logging; including video and image files. This open-standard network needed to interface with the existing SCADA and proprietary network management software.