CyberArk > Case Studies > Canadian Institutional Fund Manager Protects Against the Insider Threat with CyberArk

Canadian Institutional Fund Manager Protects Against the Insider Threat with CyberArk

CyberArk Logo
Company Size
1,000+
Region
  • America
Country
  • Canada
Product
  • CyberArk Privileged Account Security Solution
  • CyberArk Enterprise Password Vault
  • CyberArk Privileged Session Manager
Tech Stack
  • Unix
  • Oracle
  • Microsoft
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Cost Savings
  • Customer Satisfaction
  • Employee Satisfaction
  • Productivity Improvements
Technology Category
  • Cybersecurity & Privacy - Identity & Authentication Management
  • Cybersecurity & Privacy - Network Security
  • Cybersecurity & Privacy - Security Compliance
Applicable Industries
  • Finance & Insurance
Applicable Functions
  • Business Operation
  • Quality Assurance
Use Cases
  • Intrusion Detection Systems
  • Regulatory Compliance Monitoring
  • Remote Asset Management
Services
  • Cybersecurity Services
  • System Integration
About The Customer
The customer is one of Canada’s leading institutional fund managers, managing assets worth over $200 billion. The company has a proactive approach to security, given its investments in major financial markets, private equity, infrastructure, and real estate. With over 800 employees, the company must ensure robust security measures to protect against cyber threats. The company’s IT environment includes Unix, Oracle, and Microsoft systems. The customer’s primary concern was the potential for insider threats, particularly the abuse of privileged accounts, which could lead to significant damage to the business.
The Challenge
One of Canada’s leading institutional fund managers faced significant risks from potential insider threats. With over $200 billion in assets, the company needed to protect against both external and internal cyber attacks. The primary concern was the abuse of privileged accounts, which could allow malicious insiders to move freely and undetected within the network. The company had hundreds or thousands of privileged accounts that were unknown, unmanaged, or unsecured, posing a critical vulnerability. The challenge was to identify and secure all privileged accounts to mitigate the risk of insider threats.
The Solution
The company selected the CyberArk Privileged Account Security Solution to address the challenge of securing privileged accounts. They began by implementing the CyberArk Enterprise Password Vault to manage and track the use of privileged credentials across the organization. During the discovery process, they identified over 10,000 privileged accounts, many of which were previously unknown and had not been used or had their passwords changed in years. The company conducted a thorough clean-up of all privileged accounts, finding credentials across servers, firewalls, routers, and applications. Using CyberArk, they categorized privileged accounts into application, administrative, and service accounts, ensuring that access was managed through the Enterprise Password Vault. This solution allowed them to secure, manage, and track privileged credentials across all environments, operating systems, databases, applications, and network devices. The implementation provided individual accountability for specific activities, eliminating the ability for malicious users to hide behind shared accounts.
Operational Impact
  • The company automated the management of known privileged accounts, reducing operational overhead.
  • They identified and securely managed thousands of previously unknown privileged accounts, enhancing their security posture.
  • The solution provided individual accountability for specific activities, preventing malicious users from hiding behind shared accounts.
  • The company plans to leverage CyberArk Privileged Session Manager to monitor and flag any unauthorized attempts to create privileged sessions.
  • The solution will also be applied to vendors and third-party providers, providing a clear audit trail for any potential malicious activity.
Quantitative Benefit
  • Identified and secured more than 10,000 previously unknown privileged accounts.
  • Passwords for some accounts had not been changed in over 10 years, highlighting the significant risk mitigated.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.