Vulnerability to cyberattacks had been identified for this government department during an independent NIST risk assessment.
The organisation needed to develop a response to both external attackers and malicious insiders targeting Privileged Accounts as a way to gain access to their IT systems.
There was a loss of control of their Privileged Access Management (PAM) accumulated over many years, caused by multiple factors including poorly-integrated technology, high user-churn, and a need for behavioural change amongst staff committed to old ways of working.
Working closely with the Department‘s SecOps team and business users, MTI designed the solution, built and tested it to ensure it met all requirements, and supported the Department with the roll-out and transition, including onboarding users and securing buy-in.
The Challenge
- We understood the need to take a holistic view of the situation, and provided a bespoke solution, designed, built, implemented, and maintained inhouse.
- Working in collaboration with the Department‘s staff including their Security & Operations (SecOps) team we delivered a market-leading solution to create an integrated, flexible, and robust privileged access management system.
Process:
- Discovery & Design to understand and address specific needs
- Build & Test developing the right solution in collaboration with the department‘s experts.
- Transition to the system, including internal training and onboarding of users, building competency and buy-in.
- Supporting ongoing management through strong governance systems and a dedicated internal team.
The Solution
Tailored and customised CyberArk Privileged Access Management system to address privileged access management risks and challenges.
Results & Benefits
A tailored range of solutions based on in-depth client knowledge
- Reduced threat from internal and external attacks against Privileged Accounts, ensuring compliance and data security.
- An holistic Privileged Access Management system that addresses the organisational, technical, and human elements of their privileged access challenges to ensure a robust, integrated approach.
- CyberArk is segregating users from privileged accounts for business critical systems, automatically setting complex passwords and rotating them regularly.
- Users no longer need to store or remember passwords reducing the risk of loss, theft, lockouts or exposure of the credentials.
- Increased competency within their organisation, both in system users and their technical and security teams.
- Significant reduction in legacy privilege accounts.
It‘s a pleasure to work with CyberArk SMEs who know the product inside out, and can provide authoritative, clear and comprehensive responses to questions and challenges.
Technical Design,
Authority Lead
Why MTI?
The department chose MTI as CyberArk’s first and longest standing partner in the UK, knowing we would bring the relevant knowledge and experience to successfully deliver this complex project. This included our track record working with organisations and systems of a similar size and scope. They were assured we would able to provide them with a partnership working model, deep-diving their environment to build a thorough understanding and address their problems holistically.
