North American Energy Provider achieved Privileged Access Management using CyberArk by trusting on RAAH

Customer Snapshot

  • A North American leader in delivering energy. They also have an increasing involvement in power transmission.
  • Client requested RAAH services to enhance the security of its service accounts and better leverage its existing investment in its CyberArk deployment.

Problem Statement

  • Many service accounts were found to be over utilized and insecure
  • Need for a thorough Application Discovery
  • No Highly-Privileged Accounts (HPA) and Service Account Lifecycle Framework
  • Need to mitigate external and internal risks
  • Lack of detailed monitoring and recording of privileged sessions
  • Need for securely Store and rotate Application Credentials
energy-provider

Technology Used

  • CyberArk Discovery & Audit (DNA)
  • CyberArk Privileged Account Security

Implemented Solution

  • RAAH consultants identified as many applications owned accounts as possible. Identified if leveraging a script or an application will be more suitable for the following tasks:
  • Aid in deploying the script or the application
  • Identify existing shared service accounts and determine whether they need to be separated
  • Identify service account job assignment
  • Identify application owned accounts
  • Identify application owned account job assignments
  • Defined new repeatable methodology for managing new and existing privileged accounts (i.e. human – DBA, system admin, workstation admin) and service accounts (machine accounts) in CyberArk with specific emphasis on the following use-cases:
  • Legacy service accounts
  • New Highly Privileged and Service Accounts
  • Provided configuration of a sampling of privileged accounts
  • Reviewed the existing CyberArk deployment and determined any changes or additional configuration items that may be necessary
  • Defined windows based service accounts
  • Defined Unix / Linux service account
  • Defined network device administrator account
  • Defined application owned account

Benefits of the Solution

  • Better management and control of the privileged accounts and services accounts
  • Detailed Application Discovery uncovered security gaps and threats
  • Password credentials rotation helped to eliminate the need for password reset and sharing of privileged accounts passwords
  • Highly privileged accounts and service accounts framework was put in place for easier administration and automation

Request Information

For more information about our services, or to schedule a consultation, please contact us using the form below.

Contact Information

Full Name*

Full Address*

Email*

Phone

Brief Project Description*

Please leave this field empty.
OK!