A global software development corporation delivering cloud-based and on-premise software solutions for clients in industries that range from financial services to manufacturing, law enforcement, aviation, and more.
As part of the vendor management program of a large customer within the banking sector, an annual onsite audit identified a risk in relation to endpoint privileges. To mitigate the risk and improve the overall security posture, the bank required that the software supplier take action to implement a means of controlling excessive administrative privileges across approximately 5,000 user endpoints.
The company assessed five of the leading EPM offerings, including products from Ivanti, Thycotic, and CyberArk, but opted for BeyondTrust’s EPM solution due to its Quick Start policy, rapid deployment capabilities, ease-of-use and the fact that access privileges could be set at low, medium, and high flexibility levels, allowing developers to access and use the programs and applications they need to do their work.
As a global software developer, the company needed a solution that could be quickly installed and deployed—without disrupting the operations of a broad network of endpoints. Additionally, it was important to allow their sophisticated technical users enough leeway in accessing the programs and applications that they required for their work.
With the urgency to roll out the EPM solution, the company proceeded in planned phases, implementing the system in an initial pilot to developers in the U.K. Some of the developers were initially reluctant to accept the idea of removing administrative privileges, but their acceptance was quickly won over once BeyondTrust’s EPM proved to be frictionless.
BeyondTrust’s EPM auditing capabilities initially revealed some 30,000+ different applications being run on endpoints in the company’s global network. In the months since its deployment, Endpoint Privilege Management has identified many of the key programs that are in use regularly and productively at endpoint workstations, making it possible to begin whitelisting approved software and elevating privileges when required.