下载PDF
CyberArk > 实例探究 > Secureitsource
CyberArk Logo

Secureitsource

技术
  • 网络安全和隐私 - 端点安全
  • 网络安全和隐私 - 身份认证管理
适用行业
  • 金融与保险
适用功能
  • 商业运营
  • 质量保证
服务
  • 系统集成
  • 软件设计与工程服务
挑战
A Financial Institution overwhelmed with the administrative privileges sprawled across their end-user environment needed a solution which would reduce the attack surface these network entry points exposed without affecting the strict Service Level Agreement’s (SLA’s) they have with their customers. With thousands of applications in use, the company’s immediate need was to remove local administrative rights from end-user machines. This was necessary to prevent end-users from granting themselves privileged access to applications they hadn’t been authorized to use. Since both Windows and Mac computers were being used to access applications, they needed a solution that would account for both operating systems. Beyond reducing insider risk, the lack of controls around local privilege management could also make it easy for attackers to establish a foothold in the company through these machines, escalate privileges and move laterally across the environment until a jackpot of data is discovered that can be exfiltrated outside of the network. To add to this, the institution needed to implement a simple process for their users to request access to the applications they may have had unrestricted access to previously, but are now being restricted by the solution. The goal was to keep the users with the minimum rights they needed to do their day to day tasks.
关于客户
The customer is a large financial institution with over 10,000 employees. They operate in the consumer financial industry and are responsible for managing a vast array of financial services and products. The institution is highly regulated and must adhere to strict Service Level Agreements (SLAs) with their customers. They have a complex IT environment with thousands of applications in use, accessed by both Windows and Mac computers. The institution faced significant challenges with administrative privileges sprawled across their end-user environment, which posed a substantial security risk. They needed a solution to reduce the attack surface without affecting their SLAs and to manage local administrative rights effectively. The institution sought to implement a solution that would allow end-users to stay productive while ensuring robust security measures were in place.
解决方案
SecureITsource partnered with the financial institution to implement CyberArk’s Endpoint Privilege Manager solution. This solution was chosen to take control of the privilege issue while allowing end-users to stay productive. SecureITsource analyzed the company’s requirements and recommended CyberArk Endpoint Privilege Manager as the solution of choice. After reviewing the functionality of CyberArk, the company realized that beyond controlling privilege escalation, the detailed device and application inventories would be a large improvement to their security operations. During the implementation, the company’s security engineers found that the Endpoint Privilege Manager’s “monitor-only” mode was crucial to the project’s success as they were able to deploy the solution into production while simultaneously testing policies. This allowed SecureITsource and the company to test the impact of the access policies without affecting anything in the environment, ultimately releasing a production-tested solution in a short time frame. SecureITsource utilized its understanding of the CyberArk solution as well as role-based access control (RBAC) to design access policies for standard users, developers, desktop support users, and more. This granted the correct user’s access to the applications they needed on day one and reduced the need for users to request access overall. Moreover, SecureITsource worked to integrate Endpoint Privilege Manager with the company’s existing SIEM solution – delivering another boost to the company’s security operations by providing detailed logs and metrics of privileged activity throughout the organization.
运营影响
  • SecureITsource completely removed local administrative rights from all the company’s user-facing endpoints with minimal impact.
  • The solution resulted in reduced calls to the helpdesk and the company was able to use the access policies SecureITsource established to continuously improve and adapt their policies going forward.
  • The company now has visibility into all their applications, something they did not have before, and are able to utilize that information to make policy decisions.
数量效益
  • In three short months, SecureITsource completely removed local administrative rights from all the company’s user-facing endpoints.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.