One of the busiest airports in the world that connects more than 66 million people annually travelling across all continents deploys ARCON PAM to centrally administer Privileged accounts.
(Name withheld on request for confidentiality purpose)
There exists no domain or industry that is immune to data breach. Information systems managed by airport operators are one of the most vulnerable information assets. While strengthening the perimeter with network security solutions such as Intrusion Detection Systems (IDS), firewalls etc. helps filtering out malicious network traffic—enterprise resources need additional protective layers to secure sensitive information as not all risks are addressed by these peripheral controls.
Risks related to sophisticated targeted attacks always linger as organized cyber criminals can break into servers to bring down IT systems. Further, within the internal realm, unmonitored sensitive data needs protection.
Administrative accounts includingprivileged credentials exist in abundance as airport operators store a large amount of data in various servers and applications to conduct day-to-day operations. In addition to these humungous challenge, our client used wireless controllers for airport broadcasting and other internal operations. However, access credentials were shared thereby increasing the risk exponentially.
Operational efficiency to a large extent depends on how IT systems function. Secure access to underlying IT setup is one of the key components. ARCON provided a foolproof access control mechanism whilst mitigating a number of risks.
The airport operator typicallycontrols multiple devices and systems that store vital information, which is not just limited to customer/passenger information and ATC (Air Traffic Controller) related critical data. Our client required a comprehensive enterprise-level suite to ensure centralized administration of all privileged accounts for monitoring critical infrastructure that included airport planning, access, gates, key control, perimeter security, CCTVs, Intrusion Detection systems amongst other mission critical systems.
Number of devices: 500
Number of Privileged Ids: 30
In addition to the challenges mentioned above, the IT security personnel also faced obstacles because it lacked seamless access across all enterprise resources due to the absence of single-sign-on (SSO). The airport operator evaluated several options and ultimately decided to deploy ARCON’s enterprise-class Privileged Access Management (PAM).
The solution brought about Date Center efficiency, overcame its operations crippling challenges, and helped in fulfilling the compliance requirements.
ARCON PAM provided a robust security framework as it integrated with all operating systems and databases. All privileged account users were only allowed to logon to their respective systems by using a unique user ID, Password, and strong Two Factor Authentication (2FA).
To centrally manage multiple privileged user accounts, ARCON PAM provided a Menu Bar. Through the ‘My Access’ our client could comprehend the assigned service details while ‘Report’ and ‘Dashboard’ provided productivity enhancing tools in a secure and efficient manner wherein the security teams could easily monitor users logged on, services being accessed, and critical commands fired. ‘Manager’ helped the sysadmins to approve the raised user access request thereby reducing overall operational process significantly. This also ensured privileged users accounts to have restricted access.
Password Vault—this powerful engine automatically generated strong and dynamic passwords to manage multiple privileged IDs and Passwords in a seamless and efficient manner.
Additional Value Adds:
- Complete Audit Trails of all activities performed by privileged users
- Seamless access to multiple underlying technologies with single click (one set of login credentials) through SSO
ARCON is a leading Information Security solutions company specializing in Privileged Access Management (PAM) / Privileged Identity Management (PIM) and Continuous Risk Assessment solutions. With its roots strongly entrenched in identifying business risks across industries, it is in a unique position to comprehend and identify inherent security gaps in an organizations infrastructure framework and build and deploy innovative solutions/products to significantly mitigate potential risks.