One of the oldest private sector Insurance Industry in India.
The client deployed advanced information technologies to enable a sustained growth, ensure better services to clients, and boost productivity. However, relying on a host of database servers and applications and third-party software meant that the data was always vulnerable to unau-thorized access in the backdrop of a growing IT infrastructure. Securing critical data assets was a big challenge. ARCON’s highly-advanced Privileged Access Management will help the Insurance Institute strengthen its access controls and monitoring. Besides, it will also help in fulfilling the compliance requirements.
Administrators need to remember multiple administrative passwords to login different systems
No accountability for usage of increasing number of Privileged IDs and compliance issues
No accountability and trace for third party/vendor activities
Review of administrative/privileged user activities
To overcome several challenges, the Insurance Institute chose ARCON’s Privileged Access Man-agement Solution, which is a multitier life-cycle solution for managing, monitoring, and securing password management and end-to-end monitoring of all activities associated with privileged accounts. Our Implementation team assessed the IT architecture of the client. It held a series of discussions with system administrators, application owners, IT support and steering committee members of the Insurance Institute.
Following the mapping of IT architecture and consultations, ARCON planned two Implementation Phase.
Phase : 1
It included rollout of Access Control Settings, considering shared environment of the data cen-ter. This enabled approval for every access to sensitive data, improved productivity, and access based on service tickets including maintaining the log for each access request.
Phase : 2
In this phase of project rollout, ARCON focused on creation of enterprise level Password Vault, which allowed the client to enforce a password policy across most critical IT systems. It allowed ensuring accountability and access on ‘need-to-know’ basis for datacenter servers, applications, and technology support teams.
The Solution helped the Insurance Institute to establish a central console for flexible operations of all actions associated with password management from requests to resets. Solution design provided better authentication and audit capabilities. Every user account was integrated with the central repository (Privileged Access Management Solution), including MSQL, Windows ad-mins, Unix Root, super admins, SSH based logins (for switches, routers, swift users, firewalls)
The solution allowed the Insurance Institute to store and monitor critical audit trails for audit and compliance purpose. It managed to provide highest satisfaction to Information Security managers with mechanism for log review for critical sessions.
ARCON is a leading Information Security solutions company specializing in Privileged Access Management (PAM) / Privileged Identity Management (PIM) and Continuous Risk Assessment solutions. With its roots strongly entrenched in identifying business risks across industries, it is in a unique position to comprehend and identify inherent security gaps in an organizations infrastructure framework and build and deploy innovative solutions/products to significantly mitigate potential risks.