CyberArk > Case Studies > Global Financial Services Firm Overcomes Operational Complexity to Improve Emergency Access to Privileged Accounts

Global Financial Services Firm Overcomes Operational Complexity to Improve Emergency Access to Privileged Accounts

CyberArk Logo
Customer Company Size
Large Corporate
Region
  • America
  • Asia
  • Europe
Country
  • United States
Product
  • CyberArk Privileged Account Security Solution
  • CyberArk Application Identity Manager
  • Digital Vault
Tech Stack
  • Oracle
  • SQL
  • Sybase
  • LDAP
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Productivity Improvements
  • Cost Savings
  • Customer Satisfaction
Technology Category
  • Cybersecurity & Privacy - Identity & Authentication Management
  • Application Infrastructure & Middleware - API Integration & Management
  • Application Infrastructure & Middleware - Database Management & Storage
Applicable Industries
  • Finance & Insurance
Applicable Functions
  • Business Operation
  • Quality Assurance
Services
  • System Integration
  • Training
  • Software Design & Engineering Services
About The Customer
The customer is a global financial services firm, one of the oldest in the United States, with $2 trillion in assets. The company operates in more than 60 countries and employs over 200,000 people. It is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity. The firm's Security and Risk Management Group is responsible for onboarding and off-boarding users, enforcing policies for break-glass and emergency privileged accounts, managing Enterprise Single Sign-On (ESSO) accounts, and user authentication for more than 10,000 internal and external users. The group faced significant challenges in managing nearly 50,000 emergency or break-glass accounts, which are essential for emergency access to over 20 target platforms across seven lines of business.
The Challenge
This global financial services firm, with $2 trillion in assets and operations in more than 60 countries, faced significant challenges in managing nearly 50,000 emergency or break-glass accounts. These accounts are essential for emergency access to over 20 target platforms across seven lines of business. The firm's Security and Risk Management Group was under immense pressure due to the manual and burdensome processes required to manage these accounts. The complexity was further exacerbated by the use of three large, regional Lotus Notes databases for managing break-glass accounts, which contributed to extended password request and fulfillment times. The primary goals for investing in a privileged identity management solution were to reduce costs through better automation, migrate from the slow and complex Notes technology, and centralize the databases.
The Solution
The firm chose the CyberArk Privileged Account Security Solution, a full life-cycle solution for securing, managing, automatically changing, and monitoring all activities associated with privileged accounts. The initial phase of the project involved the global rollout of the Digital Vault, a component of the CyberArk solution. The Digital Vault enables organizations to enforce enterprise policies that protect critical systems, minimize business loss, ensure accountability, and improve workforce productivity with a simple web-based access control interface and automated password replacement engine. The system now supports 12,000 users who need to access privileged accounts routinely. The solution also integrated with the firm's existing enterprise environment, including ESSO technology, three helpdesk ticketing systems, and all target platforms. This integration significantly streamlined the processes necessary for managing and granting emergency user access and automating password resets.
Operational Impact
  • The firm has significantly streamlined the processes necessary for managing and granting emergency user access and automating password resets.
  • The integration with ESSO technology allows users to benefit from one shared account to all the systems they have access to based on predetermined policies and access rights.
  • The implementation of out-of-the-box and custom APIs to Oracle, SQL, Sybase, and LDAP databases has been successful.
  • The firm has been able to decrease the number of dedicated resources necessary for managing break-glass accounts and reassign them to other roles.
  • The team has benefited from the ease-of-use and related efficiencies afforded by the CyberArk Privileged Account Security Solution, eliminating manual steps that traditionally bogged down productivity.
Quantitative Benefit
  • Supports 12,000 users who need to access privileged accounts routinely.
  • Manages nearly 50,000 emergency or break-glass accounts.
  • Operates in more than 60 countries with 200,000 employees.
  • Handles over 20 target platforms across seven lines of business.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.