North American Energy Provider

Implementing CyberArk's Privileged Access Management Solution

  • A North American leader in delivering energy. They also have an increasing involvement in power transmission.

  • Client requested RAAH services to enhance the security of its service accounts and better leverage its existing investment in its CyberArk deployment.

Problem Statement

  • Many service accounts were found to be over utilized and insecure

  • Need for a thorough Application Discovery

  • No Highly-Privileged Accounts (HPA) and Service Account Lifecycle Framework

  • Need to mitigate external and internal risks

  • Lack of detailed monitoring and recording of privileged sessions

  • Need for securely Store and rotate Application Credentials

Technology Used

  • CyberArk Discovery & Audit (DNA)

  • CyberArk Privileged Account Security

Implemented Solution

  • RAAH consultants identified as many applications owned accounts as possible. Identified if leveraging a script or an application will be more suitable for the following tasks:

  • Aid in deploying the script or the application

  • Identify existing shared service accounts and determine whether they need to be separated

  • Identify service account job assignment

  • Identify application owned accounts

  • Identify application owned account job assignments

  • Defined new repeatable methodology for managing new and existing privileged accounts (i.e. human – DBA, system admin, workstation admin) and service accounts (machine accounts) in CyberArk with specific emphasis on the following use-cases:

  • Legacy service accounts

  • New Highly Privileged and Service Accounts

  • Provided configuration of a sampling of privileged accounts

  • Reviewed the existing CyberArk deployment and determined any changes or additional configuration items that may be necessary

  • Defined windows based service accounts

  • Defined Unix / Linux service account

  • Defined network device administrator account

  • Defined application owned account

Benefits of the Solution

  • Better management and control of the privileged accounts and services accounts

  • Detailed Application Discovery uncovered security gaps and threats

  • Password credentials rotation helped to eliminate the need for password reset and sharing of privileged accounts passwords

  • Highly privileged accounts and service accounts framework was put in place for easier administration and automation

Have a question? Give us a shout, we would love to answer!

(678) 735-9229

3355 Lenox Rd NE #750, Atlanta, GA 30326, USA

©2019 by RAAH Technologies INC.