How Integral Partners successfully deployed the CyberArk Privileged Cloud solution at BCG, redefined their existing privileged access management strategy, and reduced operational costs in the process.
Summary
A large consulting firm sought out Integral Partners to provide subject matter expertise for the implementation of the CyberArk PAM solution fully deployed and operated in CyberArk’s cloud environment. Working together with CyberArk Support engineers, we led the organization to successfully deploy the CyberArk Privileged Cloud solution; serving to implement a centralize PAM solution, redefine the existing privileged access management strategy, and reducing operational costs related to privileged access management functions.
Project benefits included:
⦿ Delivered a cloud-based centralized PAM solution
⦿ Reduced operational cost related to privileged access management functions
⦿ Improved user experience for privileged account and credential users
⦿ Reduced 50 domain user accounts to 10 shared domain accounts
⦿ Identified ~3500 non-compliant accounts
Vertical
IT / Consulting
IAM Technology
Privileged Access Managment
Advisory / Strategy
Solution
CyberArk Privileged Cloud
Solution Implemented:
CyberArk Privilege Cloud
SaaS solution that enables organizations to securely store, rotate and isolate credentials, monitor sessions, and deliver scalable risk reduction to the business.
Key Benefits:
Centralized PAM Solution, New Strategy + Training
The successful implementation resulted in reduced cost, a trained team dedicated to PAM, increased adoption and a more secure program.
The Challenges
After an underwhelming experience with another consulting firm to implement CyberArk’s Privilege Cloud product, BCG sought out Integral Partners to improve the deployment strategy for their second internal Privileged Cloud deployment. This second CyberArk solution would be configured to replace an existing internally developed PAM tool. The new PAM solution would include a Just-In-Time access strategy to provision enterprise domain admin privilege access only when needed. The solution would help address findings from an internal risk assessment that indicated the existing program was outdated and incapable of scaling privileged access security to match expected business growth while minimizing operational efforts for managing privileged access.
CyberArk was selected as the best solution to reestablish operational efficiency and shore up security confidence with leaders and key business stakeholders. As part of the deployment, Integral Partners helped redefine BCG’s PAM strategy and is now assisting with the implementation of the strategy. As a result of silo business units, privileged access management functions were inconsistent across the organization. Operational silos led to time-consuming manual account management processes and lack of responsiveness for resolving PAM related issues. A centralized solution provided a place to define and implement standard access management processes and scale the solution to serve the privileged access management needs of the organization, without interrupting business flow within each business unit.
The goals at BCG included reducing the cost of PAM related functions using a Cloud based deployment, defining an implementation plan that would increase adoption of the new PAM solution, and help build and train a dedicated Privileged Access Management Team.
The Integral Partners Solution
The existing PAM strategy was very inconsistent, and the legacy software technology was not adaptable to meet the privilege access transformation necessary for the organization to improve security and reduce risk; this led to multiple business silos throughout the organization working to manage the PAM program independently. The goals for the engagement were to:
- Reduce the cost of PAM related functions using a Cloud based deployment
- Build and Train a dedicated Privileged Access Management Team
- Define an implementation plan that would increase adoption of PAM solution
- Eliminate unmanaged privileged accounts
- Reduce the quantity of privileged accounts throughout the organization
The engagement started with expert advisory services, where we assessed current IDAM and PAM capabilities by conducting interviews and stakeholder workshops to determine key business drivers, current state, and future state business objectives for a Privileged Access Management program. Using the results of the Advisory services combined with deep industry knowledge of PAM security, Integral Partners helped design a solution architecture and defined the requirements and building blocks needed to deploy the CyberArk Privileged Cloud solution in accordance with the organization’s security goals; this included realistic phasing and scoping (i.e. roadmap) and proper technology settings (i.e. Firewall rules, digital certificates, etc.).
Working alongside CyberArk Support engineers, Integral led the team to successfully deploy the CyberArk Privilege Cloud solution serving to increase the adoption of a centralize PAM solution, redefine the existing privileged access management strategy and reduce hardware and operational infrastructure costs related to privileged access management functions.
The Value Delivered
The project provided many benefits that included:
- Built a world-class centralized privileged access management solution
- Reduced operational cost related to privileged access management functions
- Improved user experience for privileged account and credential users
- Established a centralized PAM operations team to build on the program foundation
- Reduced 50 domain user accounts to 10 shared domain accounts
- Identified ~1800 hard-coded credentials
- Identified ~3500 non-compliant accounts
