By: David Lokke
Things were going well in IT, and then the company began to lean into the cloud. There were multiple reasons, including the decision to move to AWS. First PREMIER Bank wanted to embrace the cloud, and as part of this larger initiative, we were to transition all of our applications from on-prem servers.
At the same time, BeyondTrust was turning its attention to Password Safe. I was interested and watched some demos to learn more about it. Password Safe seemed even more user-friendly than Privileged Identity, with more features. Between our larger cloud initiative and the Password Safe integrations with our other BeyondTrust solutions, adopting Password Safe seemed like a smart move—especially given our AWS migration. Password Safe could connect straight to the Privileged Remote Access device and, from there, go to AWS. It would make things easier and more seamless, offering a better experience for our vendor partners.
I’ll give you one example of how we expected Password Safe to make life easier. Trying to change passwords on a service account—an account used to run an application behind the scenes—used to be a nightmare. People don’t always remember where passwords are, and changing them could break things and create big headaches for many people. Sometimes, fixing that situation meant restoring everything to the moment before changing the password, which could again lead to lost work. It can get nasty, especially when dealing with other departments.
Password Safe would make the whole process more efficient, eliminating the need for duplicate work, easing collaboration between departments, and helping decrease audit findings.
Even though the migration from Privileged Identity to Password Safe was part of the larger cloud initiative, people were hesitant. While I had spent a lot of time doing due diligence, others in the organization didn’t understand the platform yet and were worried about how the switch would impact them. They had a lot of “what if” scenarios on their minds, and I faced many questions about what would happen if/when we lost internet access. I remember one VP telling me he would ideally like to have a hybrid environment, despite the company’s cloud initiative.
What many people didn’t know, though, is that the plan included having an on-prem server that periodically replicates our data. Knowing that we had this option reassured everyone—including the VP.
Another benefit of moving to the cloud is that BeyondTrust will handle updates from now on. Not having to perform updates myself (and not having to schedule downtime for those updates) is a huge benefit. Upgrades for Privileged Identity used to be pretty intense because they required updating the SQL database, which took a few hours—if nothing went wrong. I would usually perform the upgrade in the test environment first to make sure everything went smoothly before scheduling the change in the live environment. The downside to that process is having to make the upgrade twice.
Shifting the responsibility to BeyondTrust will save me several hours per upgrade, and I know we will always be using the current version. We will also have the option to delay the update if we need to for any reason.
Throughout it all, BeyondTrust has been a great partner. The leadup process to launching Password Safe took a few months, and during that time, our BeyondTrust project manager, Lauren, gave us plenty of prerequisites to check off the list. And because Lauren was so organized, we didn’t need to allocate a project manager from our side. Our server build team built all the servers for me, I created all the accounts to ensure a consistent naming convention, and Lauren had everything else covered.
But that’s no surprise. From sales to support to engineering, BeyondTrust has always extended dedicated care and attention to our projects. Even their Go Beyond conference offers a more personalized feeling than other large-scale vendor events. There are opportunities to meet so many people, and I feel like the BeyondTrust team values me, not just my company name.
We went live at the end of June, and we’re all looking forward to this next chapter. The move to the cloud comes with questions and concerns, but BeyondTrust has addressed these with a new solution that will improve security and compliance at First PREMIER Bank. Because that’s what change is about: finding new opportunities to succeed and improve at what we do every day. For anyone considering making the same move to the cloud, don’t be afraid of change. Think about the possibilities on the other side.
SENIOR SYSTEMS ADMINISTRATOR