Global Tier 1 Bank

Privileged Access Rights

Global Tier 1 Bank – Privileged Access Rights
14/08/2018 MHC
Systems analysed
Privileged access rights discovered
Data security compliant

Solution

We provided a Big Data Security Analytics team to conduct an audit of their 100K global systems. The team then added network forensics and big data analytics systems for capturing, processing, and analysing additional security data as well as governance structures to maintain compliance.

How

01.

Clean up the access list. Armed with the right analytics tools, MHC’s CISOs and PAM managers quickly identified rogue accounts and users who hadn’t accessed applications for a prolonged period. Once discovered these accounts were removed.

02.

Establish and manage separation of duties (SODs). MHC implemented processes for the management of SSH keys; used for accessing privileged accounts by the PAM system including discovery and management of user keys on managed systems.

03.

Manage privileged users. Our privileged analytics tool calculates risk scores for privileged accounts and users through behavioural analytics and correlation of privileged activity with vulnerability information.

Result

1. Hugely reduced data security risk through the removal of many redundant and compromised privileged access rights.

2. Transfer of tool and governance processes to the client to ensure they are able to effectively manage the security of their data into the future.

3. Full data security compliance with all relevant legislation in all countries the client operates in upon project completion.