CLIENT STORY
Electrosoft provides Identity, Credential and Access Management (ICAM) expertise to enhance the cybersecurity posture of a civilian agency that oversees many U.S. financial institutions.
PROBLEM
Recognizing the sensitive nature of the financial oversight work that one civilian agency undertook, agency leaders decided to create a cyber defense center. They knew they were subject to cybersecurity attacks and needed a team to counter those attacks.
SOLUTION
Electrosoft served as part of the team that stood up the agency’s first cyber defense center, helping to build out the space, the goals, the processes and protocols. It was a collaborative process, with Electrosoft experts taking the lead on ICAM initiatives, governance and reporting.
Early on, Electrosoft identified a high number of accounts across three separate Active Directory domains. Each one represented a potential access point for a cybercriminal, so each one needed to be protected against compromise. Investigations revealed numerous accounts that had been dormant sometimes for years. Electrosoft helped to establish and implement protocols to deactivate accounts of people who left the agency or financial institution and who no longer had a need for access. Over a period of five years, the number of accounts was dramatically reduced from more than 50,000 to just several thousand to, finally, zero.
A move from a stand-alone office space to a shared space with the agency’s cyber security office only helped to enhance the collaborative work of the team. ICAM reports Electrosoft created have been enhanced to better serve the broader team – and are now being used by other agency offices to identify patterns and measure progress.
RESULTS/BENEFITS
Eliminating unnecessary accounts was one important step in monitoring who has access to the agency network and what they are doing. Using tools such as Stealth, the team observes network activity 24/7, acting quickly when there are unauthorized access attempts or when authorized users are behaving suspiciously online. Working as part of an integrated cyber defense team makes every function stronger, ultimately strengthening the cybersecurity of the agency. As one expert puts it, “We are so good, it’s hard for anyone to sneak in.”