Global Tier 1 Bank

Privileged Access Rights

Global Tier 1 Bank – Privileged Access Rights
Global Tier 1 Bank – Privileged Access Rights
14/08/2018 MHC
Systems analysed
Privileged access rights discovered
Data security compliant

Solution

We provided a Big Data Security Analytics team to conduct an audit of their 100K global systems. The team then added network forensics and big data analytics systems for capturing, processing, and analysing additional security data as well as governance structures to maintain compliance.

How

01.

Clean up the access list. Armed with the right analytics tools, MHC’s CISOs and PAM managers quickly identified rogue accounts and users who hadn’t accessed applications for a prolonged period. Once discovered these accounts were removed.

02.

Establish and manage separation of duties (SODs). MHC implemented processes for the management of SSH keys; used for accessing privileged accounts by the PAM system including discovery and management of user keys on managed systems.

More
While business managers are responsible for establishing separation of duties rules, few actually do. IT and security teams rarely fill this gap as they may not have the business process knowledge for policy creation or enforcement. Our PAM security analytics enabled client business managers to view business process relationships and find potential conflicts of interest related to compliance and risk. This helped them establish and manage SODs moving forward.

03.

Manage privileged users. Our privileged analytics tool calculates risk scores for privileged accounts and users through behavioural analytics and correlation of privileged activity with vulnerability information.

More
This is a very complex process as software like Oracle databases have a multitude of privileged accounts that can’t be turned off. Furthermore, there are many privileged accounts used by application, network, storage, and systems administrators on a daily basis. The client’s PAM managers are now able to use the analytics we embedded into the client’s systems to manage their multitude of privileged accounts and create rules that trigger security alerts when anomalous behavior is detected.

Result

1. Hugely reduced data security risk through the removal of many redundant and compromised privileged access rights.

2. Transfer of tool and governance processes to the client to ensure they are able to effectively manage the security of their data into the future.

3. Full data security compliance with all relevant legislation in all countries the client operates in upon project completion.

000

Related Insights

Case StudiesService: Payments
Payments Sevice Strategic Review and Implementation of Replacement Platform
ArticlesService: Cyber security
Email Phishing Protection
Email Phishing Protection
Case StudiesService: Cyber security
Global Tier 1 Bank – Cyber Security Operations Automation