Securing Privileged Access with CyberArk PAM for SCB’s Global & Market Research Application.
Nov 2010 - Jun 2017
Business Need
Project involves implementing Privileged Access Management (PAM) for user setup in the Standard Chartered Global & Market Research Application, with a focus on on-premises environments. Objectives include analysing existing user setups, identifying privileged accounts, and establishing a robust PAM framework. This entails integrating cutting-edge PAM solutions, enforcing stringent access policies, and implementing just-in-time privilege elevation. Collaboration with stakeholders and user training programs will be crucial, along with regular audits to ensure ongoing effectiveness and compliance. The project aligns with organizational goals of safeguarding sensitive data and enhancing overall security resilience.
Solution Implemented:
- In collaboration with IT and research teams, we need to develop comprehensive PAM policies and procedures, defining access controls, password management, session recording, and auditing requirements.
- Experience in implementing PAM engagements, including requirements gathering, analysis, design,
- development, testing, deployment, and application support.
- Exposure to PAM process frameworks and methodologies
- Installation and implementation of CyberArk components EPV, PSM, CPM, PVWA, PSMP, PTA, HTML5,and AIM (CP,CCP).
- Integration of LDAP, SMTP, SIEM and Private Ark Remote Control Agent to CyberArk.
- Installation and Implementation of DR Vault and PA Replicate, PA Restore for Backup and Restore the data.
- Create the platforms and manage the password rotation for those platforms based on business.
- Implementation of PACLI script to create SAFE and onboard Privileged accounts using DNA Tool.
- Experience in hands-on development of PSM auto IT scripts and develop CPM Custom plugins for Web applications.
- Up-grade the Vault and all CyberArk components to with latest stable version.
- As part of run activity used to perform DR failover and failback, monitoring the CyberArk infra, taking care of user issues, renew the PVWA, PSM and CCP certificates, Vault and CyberArk components patching.
- Good experience on ITIL process and raised the changes in ServiceNow to perform updates in production.