Lansing Trade Group Success Story
The ever-changing realm of trading, investing, and acquiring goods requires constant monitoring of systems and networks to ensure the safety of customer and trade data. With the number of data breaches making news in the last couple of years, there has been ample reason to look for better, more secure means of managing data. One thing has been abundantly clear - traditional methods of protecting data, especially privileged accounts are insufficient.
Taking a new approach came with its own inherent risks for Lansing Trade Group. Trading is unlike any other business model, and Lansing Trade Group required something better than a one-size-fits-all approach to ensuring their systems had the right protection for managing privileged access.
Concerned with the numerous breaches that made the news, the Lansing Trade Group decided to implement stronger cybersecurity measures. They quickly realized that the best way to keep data secure required a comprehensive, highly-scalable solution that would improve three areas:
- Server access
- Access logs
- Stopping Lateral movement
The traditional methods were somewhat sufficient when technology was young, but accessing different areas of the server and being able to track each access was still relatively new. Multi-factor authentication (MFA) provided a robust solution to many types of security threats, but there were several problems with finding the right solution for them.
Once Lansing Trade Group began to look at the different options for MFA and privileged access management solutions, they quickly realized that most cybersecurity companies offered solutions that did not meet their unique needs. Though Lansing Trade Group is a large company, they did not need all the modules and deployment complexity that these solutions offered. Instead of providing customizable approaches, most companies provide complex solutions with functionality that was not required. If Lansing Trade Group selected any of these solutions, they would be required to maintain the unnecessary functionality. It was equally problematic that the implementation timeline would be lengthy because of the additional, often unnecessary functionality. Not to mention the ease of use factor for developers and system administrators.
Having already been through similarly long and drawn-out service engagements, Lansing Trade Group decided to keep looking for a more focused solution that addressed their specific needs.
When Lansing Trade Group engaged Remediant for a Proof of Concept (POC), they quickly realized that this was the solution they wanted. From the very beginning, Remediant was able to complete their POC quickly and efficiently, without affecting any of the business operations.
By the end of the POC, Lansing Trade Group was able to review tangible data generated from the diagnosis. Remediant’s Privileged Access Management solution, SecureONE, showed just how the three data problems would be addressed.
The solution was incredibly easy to use, partly because it focused on just the functionality required by Lansing Trade Group. Enforcing MFA on the fly was much easier than the method Lansing Trade Group had been using, and was just as reliable as the other costlier solutions with extraneous functionality. By approaching access to the system through the least amount of required privileges, it was much easier to follow user logins to see who requested what type of access and completed which tasks. Eliminating the need for shared accounts.
SecureONE took a unique approach to stopping lateral movement through the use of stolen administrator accounts as well. The dynamic approach of the product allowed for access to only the specific endpoints that an administrator needed to access instead of granting access to all endpoints, all the time. Having a user leverage their own credentials with MFA to gain Just-In-Time Access to a particular system stops lateral movement.
The initial study proved that SecureONE could address the three primary concerns. The short amount of time that it took to complete the diagnosis also alleviated any concerns that the implementation would be a major, long, drawn-out undertaking. Since administrators will only be able to access endpoints when they need to and just for the right amount of time, risk is significantly reduced. The resulting audit trail can also be reviewed to ensure that all access to the system is justified.
Although Lansing Trade Group needed to meet certain compliance requirements, the company prefers to stay ahead of those requirements to ensure sensitive data is not compromised. By implementing MFA and dynamic privileged access, they were able to reduce unnecessary administrative level access across all of their systems both on-premise and in the cloud.
Within a few weeks, Lansing Trade Group had logs that provided a look into what administrators were doing. The reduced access across systems helped to make those logs useful as the type and reason for accessing the system was provided with the rest of the log data. It was also easy to see who had over-privileged accounts making it easy to clean up their Active Directory architecture through automation.
“The onsite diagnosis. It was amazing how quickly it was up and running and able to show us tangible data,” stated Jason Sears, Director of IT, Lansing Trade Group. From that point on, they were sold on the product.
Today, SecureONE provides secure, limited access across the LansingTrade Group ecosystems, giving the company and their clients' peace of mind.