By RJ Gazarek
Any Privileged Account Management (PAM) solution that you purchase, whether it’s from Thycotic or elsewhere, is nothing more than a tool to help you secure your infrastructure. That’s a key thing to remember, because as a tool it will not do the job for you, nor suddenly make your organization secure if you do not implement it properly. But when you do, the right tool will ensure rapid and systematic adoption across the organization.
So what does a PAM solution look like when deployed at scale for a very large company? We encourage you to check out this webinar to get a deep dive on some best practices.
FireEye is one such company that has deployed Secret Server at a massive scale.
FireEye is one of the leading and most well known cyber security organizations in the entire world, with over 4,400 customers globally, including 650 of the Forbes Global 2000.
I had the pleasure of visiting one of FireEye’s locations and seeing their instance of Secret Server in action, and they took the time to speak with me about the benefits they’ve seen in using it: Watch now!
FireEye receives requests from companies every day to help them recover and protect themselves from cyberattacks, and one of the most re-occurring themes they saw from new customers were breaches caused by compromised credentials. Knowing that this was happening, FireEye thought it was important to ensure that they were leveraging a PAM system internally, and have been using Thycotic for several years now.
FireEye realized several internal business benefits:
- Internal password management in a centralized vault.
- Meeting auditing requirements, whether they were internally or externally driven.
- Teams used the API to interact with Secret Server.
- Event subscriptions—a benefit that alerts their CISO the instant a sensitive secret is being checked out.
FREE Privileged Account Management for Dummies book
Get smart about Privileged Account password security with this quick read
FireEye saw several internal technical benefits too:
- Discovering Service Accounts was of huge value to FireEye because they were able to see just how many service accounts were being used across their entire organization. They were then able to take those accounts over, secure them in Secret Server, and automatically begin rotating the passwords.
- Multiple integrations are used by their teams, such as Remote Desktop Manager. RDM allows them to log into target systems without anyone needing to know the passwords.
- Everything within Secret Server is auditable for their executive team and security auditors.
- The end-to-end encryption is really important to them, from the user’s access all the way through to the database.
FireEye benefited from using a PAM solution because it aligned with their own ideology, as well as what they tell their own clients: that they should also be using a password management solution.