Customer Overview
The customer is a world leader in welding and cutting equipment and consumables having presence across 140+ countries with 9000+ employees. They wanted to implement a PAM solution (CyberArk) across 4 Regions.
Business Challenges
The customer was facing issues such as missing tracking of local user and service account passwords. There was difficulty in maintaining multiple passwords for many admin accounts, in tracking changes done by admin accounts and in preventing users from storing passwords in clear text which increases security risk. They were missing least privilege access principle. There was also challenge in managing time and efforts spent on least privilege control.
Birlasoft Solution
Birlasoft implemented portal (Alero) for 3rd party access for segregating the licensing, and separation of duties to manage the vendor access effectively, designed and implemented a use case for role-based access control. 1200+ servers were onboarded for local and service accounts password rotation. There were separate roles created for the individual team to have visibility of only respective user logins.
Onboarded Azure Admin, O365 admin accounts and Firewall for central password management. Integrated with Rapid7 for Vulnerability management, account management and SIEM for log monitoring thereby managing 13 domains from 4 regions using the CyberArk solution.
Value Delivered
- Birlasoft met the SOX audit and compliance requirements
- Assisted in preventing credential theft from external attacks and privilege escalation from internal attacks
- Stopped lateral and vertical movement
- Enforced principle of least privilege
