Success Story: Financial Institution

SDG Helps Financial Institution Secure Access to Their Infrastructure

A financial company was hacked. Afterwards, they undertook a risk audit, which revealed many security failures. They decided to take a three-fold approach to achieve their goal of locking down internal security and decreasing security risks.

SDG implemented a Ping application solution and an adaptive authentication solution (PingFederate® and PingOne®). Additional products that were being implemented by the company to address other risk audit findings included SailPoint, an identity governance and administration (IGA) solution, and CyberArk, which is a privileged access management (PAM) solution.

Challenges

SDG began their engagement by asking standard discovery questions.

  • Do you have a network diagram?
  • Do you have a requirements design document?
  • How do you plan to use the software?
  • What is your security policy on unique user IDs, password length, and requirements?
  • Do you have a single source of truth for user identities?
  • How do you onboard your staff today?
  • How do you terminate your staff today?
  • Are all your staff internal, or do you have external users who may need access to this software or the software being protected?
  • How many employees do you have?

Security-software specific questions:

  • What applications would you like to do federation with?
    • Are the applications on-premises or cloud-based?
  • Do you require 2-factor authentication (2FA)?

The client’s answers to these questions represented some of the challenges SDG faced in implementing the identity and access management (IAM) solution. The client was just using Active Directory to control user access. But it wasn’t their Active Directory. The client had been spun off from its parent company, and they were still using the parent company’s Active Directory. So, changes made locally had to be made at the parent company as well.

Our Solution

SDG designed a secure architecture for the IAM solution. We created a clustered environment for high availability, installed the IAM solution, and ensured that the systems communicated properly with each other.

We then customized the security solution to match how the client wanted to handle account Single Sign-On access and two-factor authentication according to the company’s security policies, state/federal oversight, and SEC regulations.

Results

With the SSO/2FA solution implemented, we were able to address the company's security concerns and mitigate the failures identified in its risk audit.