South American Insurance Giant Calls On CyberArk To Transform Endpoint Identity Security

Summary

This South American insurance and pensions business has used CyberArk Endpoint Identity Security to extend Zero Trust and Identity Security to their endpoints. By reducing local admin accounts from over 2,000 to 0, the business has met industry standards and regulatory compliance. The CyberArk solution has also helped the business cut support resources and costs.

Company profile

This South American insurance and pensions business is one of the largest in South America. They offer a range of financial services and products covering insurance, pensions, savings and investments through a network of brokers who deliver their products and services to around 12 million customers.

Employees: 3,000+

Challenges

The cybersecurity market in South America is set to grow by US$9 billion by 2029¹, driven by increasing cyber-attacks and the imperative for businesses and the government to protect citizens’ information and financial assets. A leading financial institution in the region is responding to the dynamic by modernizing their cyber security programs. This insurance and pensions business, serving around 12 million customers, sees that the security and protection of financial assets and financial information is one of the most important concerns for their stakeholders and customers.

The financial services business aims to expand and grow its market-leading position by transforming how they deliver products and services to customers with innovative technology and digital experience initiatives. They have already invested hundreds of millions of dollars in their digital strategy and extensively use technology to increase operational efficiency and end user experience.

However, as the business progressed its digital transformation, it also seen an increase in their vulnerability to cyber attacks and threats like ransomware, phishing, computer viruses and especially identity theft. It is widely recognized that this particular industry holds large amounts of sensitive and valuable information about its customers’ finances. They were also vulnerable because their uncontrolled internal user accounts with local administrative access had grown to over 2,000, and the business had hundreds of external brokers and third-party suppliers who needed access to business systems on top of that. In addition to its duty of care to customers and staff, the company also faced increasingly more challenging and stringent compliance and financial regulations. These challenges spurred the company to embark upon a comprehensive cybersecurity improvement program comprising industry-standard best practices and certifications. One of the critical elements of this strategy was to improve endpoint identity security and to do that, they turned to CyberArk, the global leader in identity security.

Solutions

The company decided to develop a comprehensive endpoint identity security program based on CyberArk Endpoint Privilege Manager (EPM). It is an agent-based solution that enforces and monitors policies on authenticated users, restricting privileged access to resources and applications, and enabling seamless just-in-time access workflows. It controls the actions allowed or denied to privileged or non-privileged users at the time of access on the endpoint. Instead of uncontrolled access with little to no visibility, CyberArk EPM enabled the business to enforce least privilege based on the end user role so that users can perform their jobs, but the cyber risk to the organization is minimized.

In concert with the CyberArk-based endpoint identity security strategy and deployment of CyberArk EPM, the company also adopted several security frameworks, including NIST, CIS-Controls and ISO 270001. The latter required more stringent privileged access management and endpoint identity security policies, such as removing local administrator privileges and reducing the number of accounts with local administrative rights overall on servers and endpoints. The program also called for better control over software and applications installed and used on endpoints. To comply with these new initiatives the company could now use CyberArk EPM to manage and restrict end users in the organization from accessing or downloading unauthorized software onto local systems. CyberArk also helped gain better visibility over assets and access accounts.

Results

Using this CyberArk Endpoint Identity Security solution, the organization has improved cyber safety and operational efficiency, reduced costs and expanded security coverage beyond the IT infrastructure to include networks and other critical systems.

“The need to ensure more secure and efficient access management for users across our workstations and critical business applications drove the decision to use CyberArk EPM,” stated the CISO. “We can now meet the insurance industry’s stringent compliance demands more effectively. It also means we can protect our people and IT systems, optimize operations, reduce costs, and most importantly, protect our customers and their financial information.”

Some of the company’s results have highlighted the efficacy of its advanced, CyberArk-based cybersecurity stance. The company has completely removed local administrator privileges from all 2000+ users across the enterprise and replaced them with transparent elevation based on the user role and policy. Enforcing least privilege this way significantly minimizes unauthorized software installation and compromised data.

“Removing local admin privileges was critical to improving and strengthening our security. It has significantly decreased our exposure to potential cyber threats,” the CISO stated. “Local admin accounts exists across all workstations and servers and provide complete access to resources. Naturally, they are an attractive target for attackers. By completely removing administrator privileges from end users, the organization has minimized potential entry points that could be exploited by malicious actors via attacks like malware and established foundational endpoint security controls thereby enhancing endpoint identity security.”

Gaining greater control over endpoint privileged access and enabling users to self-serve access requests has significantly reduced support resources and costs. The company had been handling 150 requests for support and administrative rights monthly. That has now fallen to just five a month, a reduction in tickets and associated operational cost of 96%. Most of these tickets are from new employees unfamiliar with company practices.

By supporting compliance requirements such as ISO 270001, CyberArk EPM helps the business increase their competitive advantage as customers demand evidence of compliance and market-leading security technologies. CyberArk EPM also enabled the company to improve software management, a process for checking and validating new applications before approving them for installation and use, thus meeting secure compliance regulations.

The next phase of the company’s cybersecurity strategy will include standardizing which software families can be used and setting up an automatic password rotation facility on all local accounts to tighten security further. The company is also looking at using CyberArk to establish policies and procedures such as Just-in-Time (JIT) privileged access, where access would be granted only when and for as long as needed. That is the level of security and integrity valued customers expect and deserve.

Key benefits

• Cuts privileged accounts by 100% from over 2,000 to 0
• Reduces support resources and operational cost
• Supports and improves standards and regulation compliance
• Enables self-service software installation and privilege elevation requests
• Increases competitive advantage with a world-class cyber security stance

1. South American Cybersecurity Market Forecast 2029, Bonafide Research