CyberArk > Case Studies > Leading Insurance Company Uses CyberArk to Secure Mission-Critical Applications

Leading Insurance Company Uses CyberArk to Secure Mission-Critical Applications

CyberArk Logo
Customer Company Size
Large Corporate
Region
  • America
Country
  • United States
Product
  • CyberArk Application Access Manager
  • Red Hat OpenShift
  • ServiceNow IT Service Management
Tech Stack
  • Secrets Management
  • Containerization
  • CI/CD Tools
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Cost Savings
  • Customer Satisfaction
  • Productivity Improvements
Technology Category
  • Application Infrastructure & Middleware - API Integration & Management
  • Application Infrastructure & Middleware - Data Exchange & Integration
  • Application Infrastructure & Middleware - Middleware, SDKs & Libraries
Applicable Functions
  • Business Operation
  • Quality Assurance
Use Cases
  • Cybersecurity
  • Predictive Maintenance
  • Remote Asset Management
Services
  • System Integration
  • Software Design & Engineering Services
About The Customer
The customer is a major North American insurance company with annual revenue exceeding $25 billion and more than 25,000 employees. The company is a leader in the insurance industry and is focused on accelerating its digital transformation to enhance business agility and innovation. The insurer has a significant number of mission-critical applications running on Red Hat OpenShift and is committed to securing these applications using advanced secrets management solutions. The company aims to leverage DevOps methodologies and containerization to improve efficiency and reduce time to market for new services. With a strong emphasis on security, the insurer seeks to mitigate risks associated with hardcoded credentials and ensure secure access to sensitive resources across its hybrid and cloud environments.
The Challenge
The insurance company wanted to use DevOps methodologies and containerize thousands of applications to increase business agility, eliminate inefficiencies, and accelerate the pace of innovation. Containerized applications use secrets such as passwords, tokens, and SSH keys to gain access to sensitive enterprise resources such as databases, web applications, compute, storage, and networking services. The security team recognized that in some other organizations, out of expediency, developers have hardcoded secrets, access keys, and other sensitive credentials into applications. Hardcoded credentials are not only challenging to rotate but also potentially expose the business to data theft and malicious attacks. The insurer’s information security organization wanted to ensure credentials were removed from code to reduce potential vulnerabilities, such as inadvertently exposing secrets in the code stored on repositories. A key priority was to ensure applications can securely access databases and other sensitive resources without impairing developer productivity or hindering application delivery.
The Solution
The insurance company selected CyberArk Application Access Manager Dynamic Access Provider to secure its Red Hat OpenShift-based applications and CI/CD tools. The CyberArk solution is specifically architected for containerized and DevOps environments, allowing the company to efficiently secure, rotate, audit, and manage secrets and other credentials at scale, based on policy. A long-time CyberArk customer, the insurance company was well-versed in the advantages of the CyberArk Application Access Manager solution. By deploying CyberArk’s secrets management solution, the company also extends its previous CyberArk investments by providing a common digital vault and single point of control for credentials used by traditional and containerized applications, as well as by developers, test engineers, system admins, and other personnel. The company implemented a self-service framework using the ServiceNow IT Service Management platform as a front-end. This integration provides developers with a self-service solution, helping the company accelerate its digital transformation while strengthening security. The solution helps the insurer accelerate time-to-market, reduce risk, and free up development resources to focus on core functionality. With Application Access Manager, containerized applications gain secure access to Oracle, DB2, and MS SQL Server databases under the policies and guidelines established by the corporate security organization.
Operational Impact
  • Accelerated the business’s digital transformation by centrally managing secrets for applications migrated from on-premise to containerized and cloud environments.
  • Reduced development cycle by simplifying how developers enable applications to securely access databases and other sensitive resources.
  • Improved security by natively authenticating and then providing containerized applications with the secrets they require to access databases and other resources.
  • Eliminated secret zero by automatically rotating secrets based on policy and simplifying the removal of hardcoded credentials from code.
  • Achieved a migration plan of securely providing applications with 1+ million secrets per day using Application Access Manager.
Quantitative Benefit
  • Achieved migration plan of securely providing applications with 1+ million secrets per day.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.