CyberArk Helps Global IT Service Business Build Cybersecurity Assurance

Summary

Manual privileged access processes encumbered Persistent, a top 10 Indian IT services company, so it turned to CyberArk. Deploying CyberArk Endpoint Identity Security (EIS) automated and reduced time for privilege elevation and delegation management (PEDM) on endpoints and servers from 24 hours to below one hour for 3,000 developers worldwide. It has also helped Persistent improve compliance and auditing, cement its robust security reputation, and deliver peace of mind to management.

Company profile

Persistent Systems (BSE & NSE: PERSISTENT) is a global services and solutions company delivering Digital Engineering and Enterprise Modernization to businesses across industries. With over 23,900 employees in 19 countries, the Company is committed to innovation and client success. Persistent offers a comprehensive suite of services, including AI-enabled software engineering, product development, data and analytics, CX transformation, cloud computing, and intelligent automation. The Company is part of the MSCI India Index. It is included in key indices of the National Stock Exchange of India, including the Nifty Midcap 50, Nifty IT, and Nifty MidCap Liquid 15 as well as several on the BSE such as the S&P BSE 100 and S&P BSE SENSEX Next 50.

Persistent is also a constituent of the Dow Jones Sustainability World Index. The Company has achieved carbon neutrality, reinforcing its commitment to sustainability and responsible business practices. As a participant of the United Nations Global Compact, Persistent is committed to aligning strategies and operations with universal principles on human rights, labor, environment, and anti-corruption, as well as taking actions that advance societal goals. With 327% growth in brand value since 2020, Persistent is the fastest-growing IT services brand in the 2024 Brand Finance India 100 Report.

Employees: 23,941

Challenges

It could have been a perfect security problem. Three thousand developers worldwide accessing and developing IT systems and applications that handle sensitive and valuable financial, healthcare and personal data. Yet, Debashis Singh, CIO at Persistent, knows that keeping sensitive and valuable data safe in the ever-changing world of data security is a challenge, one he finds exciting and worthwhile.

Along with a raft of security technologies, policies and practices, Persistent has deployed CyberArk Endpoint Identity Security (EIS) to protect its 3,000 developers. “The biggest challenge in the cybersecurity environment is human dependency. And due to the automation, the biggest advantage of CyberArk is peace of mind,” said Singh. “Human error is always possible, but control is almost perfect if you can mitigate that.”

Protecting staff and their identities is driven by a change in the threat landscape that Persistent and many other organizations face. “The defined parameters or enclosed environment for employees has disappeared. Everyone is spread all over the globe,” said Singh. “Applications have moved to the cloud, not just one cloud, but multi-cloud. In this fluid situation, you must look at security differently. The critical things are identity security and access management and how you extend these to the endpoint. Who needs what resources, and how and when do you provide access?”

Persistent’s developers need privileged access to work on internal and external customer systems and applications. This level of access and a global footprint put these staff at greater risk of attack. Persistent has robust security processes and controls, but managing privileged access and identity security was manual. Users had to request access from an IT admin, who then checked credentials and access rights. “This was time-consuming because every time you make a request, someone needs to go through a manual process,” explained Singh. “It impacted time to market because of various delays, required additional resources and there was always the risk of human error, which could introduce a vulnerability.”

Typical access requests took four to 24 hours to grant, or longer if a developer had to move on to another task while waiting for access. Singh set about finding a way to speed up access and make it more efficient and decided to use CyberArk Endpoint Identity Security.

Persistent evaluates new solutions using criteria such as ease of deployment and management, reliability, supplier reputation, stability and future roadmap. CyberArk won against several market-leading products. “There are two factors that particularly stood out about CyberArk Endpoint Identity Security,” commented Singh. “One is CyberArk’s market position based on customer feedback and Gartner reports. The other factor is CyberArk’s investment in new features and capabilities. The cybersecurity market and threat levels are constantly changing, so it is important that whatever solution we use is supported for the long term.”

Solutions

Persistent has built a CyberArk identity security platform based on CyberArk Endpoint Identity Security, a solution that removes local admin rights, enforces least privilege and implements foundational endpoint security controls across multiple environments, including the cloud. Furthermore, CyberArk Endpoint Identity Security integrates and complements a range of other security tools to create and maintain the Persistent Cyber Resiliency Framework. “Persistent is looking forward to a long-term partnership with CyberArk,” shared Singh. “We have invested in the relationship and are aligned with the CyberArk product roadmap.”

CyberArk Endpoint Identity Security automatically manages privilege elevation and delegation (PEDM) for the 3,000 developers and engineers performing regular development and maintenance functions and upgrades. Many work in the company’s market-leading Persistent.AI division, named the Generative AI Market Leader in the HFS Horizons: Generative Enterprise™ Services, 2023 Report . Persistent.AI develops various AI solutions and applications for clients in financial services, life sciences and technology industries.

Results

“The biggest challenge in the cybersecurity environment is human dependency. And due to automation, the biggest advantage of CyberArk is peace of mind. Human error is always possible, but control is almost perfect if you can mitigate that.”
-Debashis Singh, CIO at Persistent

For Singh, two of the most critical aspects of CyberArk Endpoint Identity Security are endpoint privilege management and time. “CyberArk means we can assure our customers that Persistent, its developers and how we produce customer solutions are robustly protected. And that protection is automated, audited and verified at any time,” explained Singh. “CyberArk Endpoint Identity Security saves time and effort and increases productive time for borg developers and IT Security administrators because all those manual steps granting access and the time waiting for access are gone. It used to take four to 24 hours, and now it is less than an hour.”

CyberArk plays a key role in helping Persistent address identity security, which the company defines as one of the most important areas of modern-day cybersecurity. “Consider the kind of customers we serve, especially those in finance, healthcare and life sciences. They look intensely at our security posture, processes and governance and how we control and audit them. CyberArk is a critical part of the interdependent components that form our robust cybersecurity posture, especially for identity security.”

Because of its client portfolio, Persistent must meet several industry regulations and compliance standards. CyberArk supports this by automatically managing privileges based on policy, enabling visibility and, most importantly, recording access activity as evidence for auditing and incident analysis. CyberArk has made auditing quick and efficient by replacing manual evidence-gathering, like taking and saving screenshots, with automated, real-time reporting.

Both security management and the user experience have improved. “From the user perspective, CyberArk Endpoint Identity Security ensures access is instantly available and seamless. Users need not worry about repeating the same process over and over because the business rules are pre-defined,” explained Singh. “We have multiple users accessing multiple systems simultaneously, and CyberArk Endpoint Identity Security gives IT administrators complete and unified visibility and control across all activities in real-time.”

Key benefits

• Cuts time to grant privileged access on the endpoint from 24 hours to below one hour
• Automates slow, error-prone manual processes
• Removes the risk of human error
• Makes auditing and reporting faster and more efficient
• Supports industry regulation compliance