Challenge: Manage and Track Changes to Active Directory to Ensure Compliance
Columbia Bank is a rapidly growing Pacific Northwest Community Bank headquartered in Tacoma, Washington. Columbia Bank was recently ranked as the #1 bank based in Washington State and #17 in the United States by Forbes magazine. With $8.5 billion in assets and more than 150 locations in Washington, Oregon, and Idaho, the Bank prides itself on remaining focused on communities through its growth and expansion. That growth strategy is vital to Columbia Bank’s mission to serve its customers and remain their preferred option for all of their financial needs.
In order to support that growth, the Bank’s IT organization has taken a proactive approach toward infrastructure security, focusing on compliance and high availability of systems, data, and applications for its end users.
While Columbia Bank has grown organically and through acquisition, so has its infrastructure. With an increased number of administrators and users, privileged access quickly became complicated and difficult to govern. Any changes made to one area had a ripple effect, making it increasingly difficult for IT leadership to ensure compliance as IT scaled to adapt to the organization’s growth. The Microsoft tools they used for auditing did not provide enough visibility into changes or the source, making it difficult for the IT department to pinpoint and resolve issues. Furthermore, a lack of clear reporting showing the “who, what, where, when and why” of changes posed a risk to compliance.
We spent countless hours on triage, researching things like unexpected changes made to group policy and trying to figure out why the changes were made. Our old solution didn’t give us the data and reporting we needed. It was like searching for a needle in a haystack. — Navneeth Naidu, CISSP, Senior VP, Information Technology Services
Columbia Bank also maintains critical data in SQL databases. Visibility into changes made to those databases was a major compliance requirement. While their existing solution provided some reporting and auditing features, it was overly complicated and did not provide the IT team the actionable insight needed to respond quickly to security and access issues. The IT team needed a reliable auditing solution that could help them pinpoint a problem and quickly address it.
In order to gain visibility into the IT infrastructure to ensure high availability for users while maintaining compliance, Navneeth and team decided it was time to explore better solutions for auditing and privileged account management. The IT team wanted a solution that tracked changes to values; provided reporting that was clear and easy to read; and had the ability to initiate rollbacks for changes made in error.
After evaluating solutions from Microsoft and Varonis, Columbia Bank chose BeyondTrust PowerBroker Auditor for Active Directory, PowerBroker Auditor for SQL, and PowerBroker Recovery for Active Directory to address their privileged account management and auditing and recovery needs.
With PowerBroker Auditor, Columbia Bank’s IT team now has complete visibility into what changes are made at a granular level, as well as the ability to rollback any changes that were made in error.
With PowerBroker, we’ve seen a 50% decrease in time spent manually tracking down who made changes to critical areas like group policy. We have the alerting and reporting we need to address issues as they come up. And with the auditing functionality, the admins are better equipped to handle their tasks. The fear of a ‘ripple effect’ is eliminated because I know that we can track all changes and rollback when needed. — Navneeth Naidu, CISSP, Senior VP, Information Technology Services
THE POWERBROKER DIFFERENCE
- Minimize disruption: Recover a full tree, a portion of the directory, selected objects, or individual attributes.
- Reduce risk: Pinpoint changes that introduce security risks, jeopardize compliance, or reduce operational efficiency.
- Ensure accountability: Track the “who, what, when and where” for every change made to Active Directory.
- Confirm compliance: Provide access and change histories for compliance with SOX, PCI, HIPAA and other mandates.
- Centralize all audits: Access all audit data via a single database, even for multiple Active Directory forests.