Phone Number +1-202-802-9399 (US)

Thycotic is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

Using Secret Server as Proactive Security Defense at Saab

Written by Thycotic Team

June 21st, 2016

As vice president and CIO at Saab Defense and Security USA LLC, Per Hammarin manages a 10 member IT team in Washington, DC which is part of a parent organization based in Sweden.  Over more than 30 years and progressive positions within the civil aircraft and defense subsidiary of the company known for its iconic automobiles, Hammarin has worked all over the world in IT management roles.

In 2010, Hammarin helped to select Thycotic Secret Server as the on-premises privileged account management tool for the Saab Defense and Security parent company of 300+ users worldwide.

Hammarin, like many other customers evaluating Thycotic to address their privileged account management needs, chose to deploy Secret Server for the combined benefit of ease-of-use and effectiveness. “You don’t have to read a hundred-page manual or hire professional services to figure out how the system works.”

While the possibility of hackers compromising privileged account credentials may seem like an obvious risk to most, Hammarin takes advantage of additional security features to deter potential insider threats. For example, Saab has leveraged Secret Server’s:

  • Easy importing, making it simple for different teams to consolidate individual password files (Excel, documents, and dispersed tools).
  • Event Subscriptions to receive instant e-mail alerts when users access certain secrets.
  • Audit logs to gain visibility over what the IT team is doing regarding their job duties.
  • Heartbeat feature to detect if administrators change passwords outside of Secret Server.

“You have to recognize that sooner or later, an unauthorized person may get into your system; it’s just a matter of time,” Hammarin emphasized. “And if that happens, the odds are they will not be easily detected for months—the average time is now about 180 days before an intrusion with compromised credentials is discovered.” Since they’ve deployed automated password changing, Secret Server will have replaced the majority of credentials with new passwords several times in that timeframe, making a brute force attack less viable.

Learn more about Saab’s use of Secret Server and Thycotic experience with the full case study or watch Hammarin’s ‘How does SAAB feel about its Password Management solution? Interview.