CyberArk > 实例探究 > Canadian Institutional Fund Manager Protects Against the Insider Threat with CyberArk

Canadian Institutional Fund Manager Protects Against the Insider Threat with CyberArk

CyberArk Logo
公司规模
Large Corporate
地区
  • America
国家
  • Canada
产品
  • CyberArk Privileged Account Security Solution
  • CyberArk Enterprise Password Vault
  • CyberArk Privileged Session Manager
技术栈
  • Unix
  • Oracle
  • Microsoft
实施规模
  • Enterprise-wide Deployment
影响指标
  • Cost Savings
  • Productivity Improvements
  • Customer Satisfaction
  • Employee Satisfaction
技术
  • 网络安全和隐私 - 身份认证管理
  • 网络安全和隐私 - 安全合规
  • 网络安全和隐私 - 网络安全
适用行业
  • 金融与保险
适用功能
  • 商业运营
  • 质量保证
用例
  • 入侵检测系统
  • 监管合规监控
  • 远程资产管理
服务
  • 系统集成
  • 网络安全服务
关于客户
The customer is one of Canada’s leading institutional fund managers, managing assets worth over $200 billion. The company has a proactive approach to security, given its investments in major financial markets, private equity, infrastructure, and real estate. With over 800 employees, the company must ensure robust security measures to protect against cyber threats. The company’s IT environment includes Unix, Oracle, and Microsoft systems. The customer’s primary concern was the potential for insider threats, particularly the abuse of privileged accounts, which could lead to significant damage to the business.
挑战
One of Canada’s leading institutional fund managers faced significant risks from potential insider threats. With over $200 billion in assets, the company needed to protect against both external and internal cyber attacks. The primary concern was the abuse of privileged accounts, which could allow malicious insiders to move freely and undetected within the network. The company had hundreds or thousands of privileged accounts that were unknown, unmanaged, or unsecured, posing a critical vulnerability. The challenge was to identify and secure all privileged accounts to mitigate the risk of insider threats.
解决方案
The company selected the CyberArk Privileged Account Security Solution to address the challenge of securing privileged accounts. They began by implementing the CyberArk Enterprise Password Vault to manage and track the use of privileged credentials across the organization. During the discovery process, they identified over 10,000 privileged accounts, many of which were previously unknown and had not been used or had their passwords changed in years. The company conducted a thorough clean-up of all privileged accounts, finding credentials across servers, firewalls, routers, and applications. Using CyberArk, they categorized privileged accounts into application, administrative, and service accounts, ensuring that access was managed through the Enterprise Password Vault. This solution allowed them to secure, manage, and track privileged credentials across all environments, operating systems, databases, applications, and network devices. The implementation provided individual accountability for specific activities, eliminating the ability for malicious users to hide behind shared accounts.
运营影响
  • The company automated the management of known privileged accounts, reducing operational overhead.
  • They identified and securely managed thousands of previously unknown privileged accounts, enhancing their security posture.
  • The solution provided individual accountability for specific activities, preventing malicious users from hiding behind shared accounts.
  • The company plans to leverage CyberArk Privileged Session Manager to monitor and flag any unauthorized attempts to create privileged sessions.
  • The solution will also be applied to vendors and third-party providers, providing a clear audit trail for any potential malicious activity.
数量效益
  • Identified and secured more than 10,000 previously unknown privileged accounts.
  • Passwords for some accounts had not been changed in over 10 years, highlighting the significant risk mitigated.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。