CyberArk Privileged Access Security for Volkswagen Bank Rus

THE IMPLEMENTATION OF THE SYSTEM OF CONTROL OF PRIVILEGED USERS (2020)

THE CHALLENGE BEFORE THE BUSINESS Compliance with the Volkswagen requirements for privileged access control. THE TASK BEFORE "IS" Providing access control for privileged users to information systems of the bank, increasing the information content of the evidence base on the actions of privileged users, reducing the risk of abuse of privileged authority. THE DECISION The Privileged Access Management (PAM) control system based on the CyberArk Privileged Access Security solution. THE IMPLEMENTATION To ensure the fault-tolerant architecture of the PAM system, Jet Infosystems specialists located it in two geographically separated data centers. One of the features of the project was a long period of trial operation of the system, which lasted about three months. During this time, the bank managed to smoothly transfer employees to work with the new system, and the integrator project team was able to receive detailed feedback from users and eliminate configuration flaws. A distinctive feature of the project was also the implementation in the system of a functional request and access coordination. In addition to fine-tuning the PAM-system, the integrator’s specialists adapted for it the privileged access control rules in force in a financial institution. The implementation of the system took place with the close interaction of integrator engineers and bank experts. So, the credit institution’s specialists independently implemented the test environment of the system, being guided by the instructions of the Jet Infosystems project team and receiving operational advice on emerging issues. Using the test environment of the system, Volkswagen Bank RUS specialists will be able to check the solution updates before applying them in a productive environment in accordance with the rules adopted by the bank.

• 9 IS. The number of Information Systems for which privileged user access control is provided.
• 50 users. The number of privileged users whose access is controlled by PAM.
• 2 data centers. PAM fault tolerance is provided within two data centers.
• 3 months. The duration of the trial operation of PAM was 3 months.

THE PROJECT RESULTS According to the results of the Volkswagen Bank RUS project, it brought the level of protection against insider threats into line with the requirements of the international concern and solved all the tasks. The system from CyberArk provided access control for 50 privileged users to 9 information systems of the bank. With the help of the solution, the IS service of a financial organization coordinates access to controlled systems and investigates incidents, IT specialists administer internal services, application software and databases, and developers get temporary access to apply updates to bank products. In the future plans of the credit, the institution is to expand the number of applications and services, privileged access to which is controlled using the PAM system. Ilya Udovitsky, Head of Information Security Department, Volkswagen Bank RUS: “It was important for us not only to integrate the solution into the IT infrastructure, but also into the existing privileged access control processes that are accepted and operate in the bank. In particular, we expected the project to increase the information content of the evidence base on the actions of privileged users by collecting detailed information about who, when, under what account and which systems it connects to. The specialists of Jet Infosystems helped us cope with all the tasks.”