For manufacturing companies, it becomes all the more important to constantly improve process management. Needless to say, operation and R&D managers are in a grinding pursuit of improving every aspect of the manufacturing processes through innovation, and automation. But amid rising digitization and increasing cyber-attacks, safeguarding IT assets (design, patents, etc.) is equally crucial.
The company had to face security challenges when IT security decision-makers realized that it never had a system in place to manage and monitor privileged accounts, which is one of the global compliance requirements. ADMIN accounts were shared and there was no mechanism in place to monitor passwords and access across all data centers. With a growing business and increasing responsibility for the management of technology infrastructure, our client required a solution to manage administrative access to a number of devices, applications, and network security devices.
Unauthorized Access To servers, network devices, firewalls, and critical data from internal and external privileged users, such as employees, auditors, suppliers, and vendors.
Superuser credentials and credentials data were exposed: When recording privileged passwords, most admins use Post-It notes, printouts, verbal or emailed passwords, and spreadsheets. Often, these spreadsheets are kept in file shares or drop boxes that are not properly restricted or secured. Having this information in a position where it could be easily infiltrated was a major security risk for the company and its accounts.
The identity of the user who accessed a particular system remained unidentified.
Continuous Monitoring Of privileged users, particularly IT administrators with critical passwords for network devices and IT infrastructure also posed a challenge.
Vendor Management Concerns For invoice document exchange, they were concerned about the potential threats of malware, viruses, and ransomware entering their network.
Secure Access to 50+ Applications by implementing proper Multi-Factor Authentication (MFA).
Hybrid Environment with both on-premises and cloud infrastructure to secure applications and critical data across this diverse landscape.
Blue Star Data Security Team engaged with the IT team of the company to address their requirements. The client had prior experience deploying a competitive PAM solution. However, when introduced to the agentless Wallix PAM solution, they expressed interest in exploring it further.
We successfully pitched the Wallix PAM solution to the client through a comprehensive product presentation and followed it up with a live demonstration. The client stakeholders were impressed, leading to a request for a Proof of Concept (POC). A Non-Disclosure Agreement (NDA) was signed to initiate the POC.
WALLIX’s PAM Dual factor authentication will allow the client to thwart malefactors’ attempt to intrude into IT systems and compromise sensitive information while the Audit trail will provide comprehensive audit trails and session recordings to ensure that all activities are tracked and these logs are encrypted and separately stored creating a legal hold while the Live Dashboard will enable the sysadmin to assess what is going on or what a particular user is doing at any point of time.
The client provided several use cases during the POC and defined success criteria. These included functionalities like Glass Break, privileged user access for internal and external users, access via Jump server for Firewall (Fortinet), web application external user access, and much more.
Although ARCON and other competitive solutions exist, the client chose a perpetual model offering unlimited users and 400 devices, along with a one-year support contract.
• It enabled to hold control around all privileged account activities shared across multiple IT environments
• Usage Dashboard provided a real-time analysis of the all privileged user activities.
• Custom Access Control enabled the Information Security team to define access based on the requirement and job profile
• Dual Factor Authentication and Gran¬ular Access Control provided Vendor/third party Access Control