Where Cybersecurity Meets Career Success – SecApps Learning

CyberArk Use Cases: Real-world Examples How CyberArk is Used in Different Industries

  • Home
  • Blog
  • CyberArk Use Cases: Real-world Examples How CyberArk is Used in Different Industries
Image
  • October 19 2024

CyberArk Use Cases: Real-world Examples How CyberArk is Used in Different Industries

CyberArk, one of the world’s leading cybersecurity companies, has carved a position for itself as a trusted advisor to the world’s top companies when it comes to identity and access management.  The CyberArk Identity Security Platform is built for the dynamic enterprise and enables secure access for any identity (whether machine or human) to any environment or resource from anywhere by the use of any device. As of date, CyberArk has ensured brand and organizational reputation protection of more than 50% of Fortune 500 businesses by securing their most-valuable assets. CyberArk - the official website states - works nonstop to drive security excellence for its customers. As a leader in privileged access management, CyberArk develops newer innovations on the one hand to help customers, while on the other hand, it employs proven methodologies to deliver world-class, award-winning customer experience. It carries the distinction of having developed first-to-market innovations that help prevent privileged attacks by employing its unique Identity Security strategy.

Also read: What is CyberArk and Why You Should Learn CyberArk in 2024

In this blog, we discuss some real-world examples of how CyberArk is being employed for Identity Security in different industries.

Healthcare

Healthfirst holds first place as New York State’s largest not-for-profit health insurer. It offers a wide range of high-quality, affordable plans that work for every life stage of its customers that include Medicaid, Medicare Advantage, qualified health, long-term care as well as individual and small group plans. Healthfirst has had the unique advantage of putting its members first by partnering closely with its wide network of providers on shared goals. Healthfirst is also a pioneer of the value-based care model in which physicians and hospitals are paid based on patient outcomes. Healthfirst has an annual revenue of US$14 billion and 5000 employees in its roles. Healthfirst was founded nearly 30 years ago. Over the years, it has worked with a range of hospital systems, community providers, and partners to improve health outcomes and advance health equity by providing better access to care especially for underserved communities.

Healthfirst’s rapid growth has meant that it now covers some 1.8 million members in New York state. Simultaneously, this has also created a risk-laden cybersecurity threat landscape owing to the humongous amounts of data the company possesses and works with at all time. It may be said that Healthfirst’s growth and corresponding complex needs and demands meant the health insurer needed a similarly robust cybersecurity programme. 

It should be remembered that Healthfirst possesses one of the most comprehensive databases of member-related information of the sector. This comprises customer care reports, enrollment and billing, payments, processing claims and substantial health data of customers. Protecting this highly-sensitive healthcare database of records and identities of 1.8 million members and 5,000 staff is of paramount importance and no doubt, a huge task. 

For its computing environment, Healthfirst adopted a cloud-first strategy. Approximately 70% of systems and applications are now cloud-based.

Also read: How CyberArk Enhances Security in the Cloud

Placing its trust in CyberArk as the market leader in its category, Healthfirst had already deployed a range of CyberArk products that included Privileged Access Manager and Vendor Privileged Access Manager. Additionally, the insurer entrusted CyberArk to provide privileged access management and decided to incorporate additional technologies from the Identity Security provider to secure its digital transformation. So, here Healthfirst has migrated several legacy secrets management apps to Conjure because it integrates seamlessly with developer workflows and can handle a large volume of secrets.

Alongside the CyberArk solution, Healthfirst ran an education and adoption program to help its staff understand the risk and impact that modern cyberattacks (like ransomware) could have on the organization and its members.

Also read: CyberArk Fundamentals - Essential Concepts and Terminology to Get Started

Finance

A leading Indian Bank in the private sector, DCB Bank, protects one million business and individual customers with CyberArk. By entrusting CyberArk to take care of its cybersecurity identity, DCB Bank works to augment productivity, strengthens identity security, improves compliance and auditing of the organization. DCB Bank Limited is a new generation bank with more than 425 branches pan-India. The bank has a contemporary technology infrastructure, with internet banking facilities for personal and business banking of its customers, and mobile banking app The Bank’s business segments encompass a range of sectors that include retail, government, public sector and public sector undertakings, agriculture, small, medium and large businesses as well as other Indian banks and financial institutions. DCB Bank has 10,000 employees in its roles. As of date, the bank has more than one million active customers. With breaches that compromise application secrets steadily on the rise and cybersecurity threats getting more and more grave, DCB Bank proactively invests in a secrets management programme and partners with CyberArk to implement a future-proof strategy that will protect and improve its overall identity security posture at all times.

CyberArk was particularly chosen for its identity security role because it offered DCB Bank a more secure and professional way to manage application secrets. DCB Bank deployed CyberArk Secrets Manager, the implementation of this was managed jointly by the Bank and CyberArk as business partner, along with close and responsive support from CyberArk. DCB Bank also employed the CyberArk Blueprint framework to continuously achieve risk reduction and accelerate operational efficiencies. DCB Bank has onboarded a few applications initially to understand the stability and subsequently onboarded more business-critical applications. As time goes by, the onboarded applications are expected to increase significantly in due course and will be either on-premises or the cloud.

As of date, DCB Bank is continuously enhancing its cybersecurity roadmap in partnership with CyberArk. It is in the process of evaluating other CyberArk Identity Security solutions in order to build a consistent, single platform for application secrets, and managing privileged accounts used by IT users, developers and applications. This may include privileged access for internal developers as well as securing access for external vendors who need to maintain their systems running in the Bank’s environment.

Retail

In Taiwan, Heng Leong Hang, the leading retail brand of the nation, protects hundreds of users across its 70 nationwide stores with CyberArk. Today, for the retail giant founded in 1960, security identity protection remains the focal point in its cybersecurity strategy. Heng Leong Hang is a prominent retail and wholesale distribution business in Taipei, Taiwan, with three distribution centers. It provides a range of products from traditional cameras and peripherals, batteries to modern small home appliances and housewares, to many well-known online retail e-commerce companies in Taiwan. Globally-renowned brands like Dyson, Braun, Honeywell, Lexon and Panasonic retails from Heng Leong Hang. To complement its B2B operations, the company also has an official direct e-commerce division. Because of its stature as leading retail business in Taiwan, Heng Leong Hang is a bigger target than many other businesses because it has hundreds of staff in remote locations throughout the country. In fact, many of these employees are often unaware of the growing risk of identity theft. 

As part of its overall strategy to strengthen security throughout the business, the company selected the CyberArk Identity Security Platform. The solution provides the most comprehensive intelligent privilege controls available and significantly reduces the risk of compromised identities.

Heng Leong Hang has also implemented several capabilities of the CyberArk Identity Security Platform comprising CyberArk Privileged Access Manager Self-Hosted (PAM), CyberArk Endpoint Privilege Manager (EPM) and CyberArk Adaptive Multi Factor Authentication (MFA). The range of solutions is used by the company’s entire workforce, including developers, extended IT, and third-party vendors. 

The CyberArk Adaptive MFA solution alone safeguards the access of multiple privileged account staff, almost a thousand workstation endpoints and hundreds of users across the workforce.

CyberArk has also been used in the organization to remove excessive local admin rights, enforce role-specific least privilege, and limit uncontrolled user access to applications. Core business systems and database servers are now monitored and secured, actions and events are logged and privileged access by the IT department is managed effectively. 

CyberArk also supports compliance requirements and objectives across the organization, Heng Leong Hang. The solution automatically logs activities such as when employees request and use privileged access. The company uses this to provide comprehensive historical records of actions and incidents which are mandatory for auditing and compliance. 

CyberArk has further improved endpoint security by stopping users from downloading and installing unauthorized software onto their local devices.
Furthermore, Heng Leong Hang has plans to extend its collaboration with CyberArk further by expanding its use of CyberArk MFA and including CyberArk Single Sign-On (SSO) to achieve password-less access. 

The CyberArk platform has successfully enabled Heng Leong Hang to centralize its identity and access management, endpoint privilege security, and privileged access management controls into one single source solution, in the process, easing the administration of its policies and compliance requirements.

IT & Telecom

With CyberArk, the German IT Services Firm, Matrix42, has successfully improved its cybersecurity productivity by 25%. Effectively, CyberArk has successfully put Matrix42 on course to implement an Identity-centric security strategy. Matrix42, based in Frankfurt, Germany, is a developer of workspace management software for small, medium, and large-sized enterprises and corporations. The company’s centralized and automated platform and SaaS solutions support workspaces across aggregated environments that include physical, virtual, and mobile. Matrix42 automates processes, license management and support functionalities, enabling clients to improve IT department efficiency. The company serves customers in Germany, Europe and worldwide. It has 400 employees in its roles. 

Matrix42 provides SaaS products and services to enable customers to improve and streamline IT operations. Many of these products and services are delivered via new environments like PaaS and the cloud-based services and are constantly threatened by cyber-attacks. For this reason, to thwart ever-increasing security threats, the business has developed a robust cybersecurity position. Its main SaaS application runs on Azure and benefits from Azure security tools and SOC operation. Nevertheless, the business needed a higher standard for safeguarding privileged identities including unalterable auditing capabilities. The company did have a designated password manager in its role whose responsibility was to share accounts and passwords, but overall, the governance of privileged access was too complex, time consuming and costly.

CyberArk was chosen above all others because the management of the company believed it remains the best product to support SaaS environments. Matrix42 has a hybrid IT infrastructure that comprises on-premises, internal systems in a small data center along with a cloud environment hosted on Azure for its SaaS customer solutions. 

The company also selected CyberArk amongst others because of its high performance, flexibility, and support for multiple technologies.

Manufacturing

CyberArk helps leading European manufacturer, Arçelik, cut its operation time by 87% while improving security simultaneously. Arçelik deploys CyberArk to strengthen its Identity Security and reduce and limit proliferation of Privileged Access. The company based in Turkey is among the top three white goods manufacturers in Europe and has used two CyberArk Identity Security solutions to replace slow, manual security with processes that are fast, efficient and automated. 

Arçelik is Turkey’s leading household appliance manufacturer and as mentioned before, is the third largest in Europe. It manufactures and markets a variety of consumer durable goods, consumer electronics, small home appliances and kitchen accessories. The major brands it handles include Beko, Grundig, Blomberg, ElektraBregenz, Arctic, Leisure, Flavel, Defy, Altus, Dawlance and Voltas Beko. It has 28 factories in nine countries and 52 subsidiaries in China, India, Bangladesh, Romania, Russia, South Africa, Thailand, Pakistan, other than Turkey. Currently, Arçelik provides goods and services in more than 150 countries. 

Needless to say, it needed a cybersecurity platform that ensured personal information, classified projects, critical financial and retail applications, and manufacturing control systems remain protected as the business operates with more than 45000 across geographies. “The priority at Arçelik is to protect our business, personal, financial and R&D data along with our strategic business plans,” informed the company’s Architect Systems and Cloud Administrator. “The aim is to ensure operational continuity without interrupting or hindering access to our critical systems. Identity security is essential to achieving that goal by securing user accounts, workstations, servers, and business operations.”

After a comprehensive proof of concept process, Arçelik chose CyberArk as its partner. Arçelik opted to use the CyberArk Identity Security platform because it provided a cost-effective cloud-based solution and concerned employees felt CyberArk was extremely simple to set up in just a matter of minutes and with only a few clicks.

Also read: CyberArk Architectures Explained

Comments ()

Leave a reply

Your email address will not be published. Required fields are marked*

Recent Post

Copyright 2022 SecApps Learning. All Right Reserved