Thycotic Telephone Number +1-202-802-9399 (US)
The Lockdown

Thycotic’s Cyber Security Blog

Behind the Scenes: Endpoint Protection in the Cloud

mm

Written by Barbara Hoffman

April 16th, 2019

The cloud has certainly been a game changer, driving innovation and growth.  Companies that adopted cloud services experienced a 20.7% average improvement in time to market, 18.8% average increase in process efficiency and a 15% reduction in IT spending. Together, these benefits led to a 19.6% increase in company growth.

These savings and benefits, among many others, are driving 90% of companies to have some portion of their portfolio in the cloud by the end of the year.  Yet, when it comes to security technologies, the transition seems to be slower. Within the Privileged Access Management (PAM) space, in particular, Gartner predicts only 30% of deployments will be in the cloud by the end of this year.   Though this shift may be a bit lagging on the security side, it is clearly the wave of the future. When a large consumer products enterprise with an aggressive cloud-first strategy came to Thycotic looking for a cloud solution to secure their endpoints, we jumped at the opportunity.

Wanted: a cloud solution to protect tens of thousands of endpoints

Like most of our customers, this retail giant was seeking to improve their security posture by removing administrative privileges from more than 40,000 endpoints. The reason is simple. When logged in as an admin, every application running has unlimited access to that computer. If malicious code gets executed from a program or browsing to a site automatically downloads something malicious, that application also gains unlimited access.  So, managing privileged accounts, which includes local admin and root accounts, is a necessary element of a successful cyber security strategy – especially on endpoints. Does this endpoint problem sound familiar?

Unlike the bulk of our customers (though we see an increasing number) this large organization was seeking a cloud-based solution first and foremost—executing on their corporate-wide cloud-first strategy. Why the emphasis on a cloud-first strategy? Global enterprises with customers around the world, like this one, benefit greatly from the assurance of georedundancy found with a cloud PAM solution provided as a scalable service.  Cloud is also synonymous with high availability which means 99.9% uptime. In addition, they required a solution with the ability to scale easily to match the growth of their privileged accounts, applications and users, without losing control or slowing down other resources.

Quick Read: The new cloud security question PAM experts need to answer

This last point is critical.  In the competitive world of consumer products, the productivity of business users is paramount.  No level of business disruption or slow-down is acceptable—even if it comes at the expense of security.  When companies remove local administrative privileges from business users without considering the downstream impact, there is great potential for end-user disruption. Suddenly unable to download applications, run programs, install printers or make other system changes, users can become confused, frustrated and unproductive. Those frustrations are going to land squarely on the plate of the IT desktop and support team.

Application control works behind the scenes to enable the applications users need to do their jobs without requiring local admin rights

For this reason, application control  was a key part of their evaluation.  Application control works behind the scenes to enable the applications users need to do their jobs without requiring local admin rights. For most tasks, users experience no change and there is no impact on the helpdesk. This type of control prevents programs not on approved lists from running and provides users attempting to run them with a message box to ask for approval. This is also customized to explain why an application or program was denied and what users need to do to justify their request.

The team chose to take a 3-stage approach to rolling out Privilege Manager to better ensure minimal impact to business users. First, they began by monitoring and taking an audit of endpoints being used.  Second, they entered “teaching mode” during which time they defined and built policies based on their analysis of their initial audits.  Finally, they automated whitelisting and blacklisting on end user devices and ensured unknown applications have an automated path towards approval.

Ease-of-use for their helpdesk team was also an important factor in choosing the right solution. This staged rollout allows this team to become familiar with Privilege Manager as well as respond to requests easily using an intuitive interface. As more applications are reviewed and added to global application control policies there will be less need for the helpdesk to respond to user requests.

Successfully implementing a least privilege security model and controlling rights on endpoints can seem like a daunting task.  But it doesn’t need to be difficult, not even for an organization managing hundreds of thousands of endpoints. Scalable across hundreds of thousands of machines – Privilege Manager is easily installed so large enterprise organizations, like the one in this article, can complete installation on all endpoints without causing disruption. Privilege Manager automatically removes admin rights from domain and non-domain managed endpoints, including hidden or hard-coded credentials. Machines in large deployments can simultaneously communicate with Privilege Manager, check policies and execute application control 24/7, and manage through a single, streamlined dashboard.

Privilege Manager makes it possible for companies to implement least privilege policies and protect endpoints in large, diverse deployments, and manage them more effectively than ever before.

Endpoints are the entry point for 85% of all data breaches

Get proactive protection for your endpoints with Privilege Manager.

 

Like this post?

Get our top blog posts delivered to your inbox once a month.

SHARE THIS


The following two tabs change content below.
mm

Barbara Hoffman

Barbara joins Thycotic with nearly a decade of experience in IT software and security, and many more years working in product management, development and marketing across a number of different industries. As part of the Product Marketing team, she helps define and drive marketing strategy, messaging & positioning, sales enablement, and content creation for Thycotic’s cornerstone offering, Secret Server, along with Privilege Behavior Analytics and Account Lifecycle Manager. Barbara earned her BS in International Business from George Washington University, her MBA from the University of Southern California and Cybersecurity Certification from Georgetown University.