When a client entrusts you with remote access to their critical IT systems & data, how do you protect that trust?

About the Company

The client highlighted here is a global IT services company that provides remote support for enterprise software. They serve more than 1,500 clients worldwide, including multiple members of the Fortune 500. For privacy reasons, we will refer to them as “SoftSupportCO“.

Industry: Computer Software – Services
Location(s): North and South America, Europe, Asia, Australia
Revenue: $200 million+

Single sign-on (SSO) can help improve enterprise information systems security

The Problem

Every time “SoftSupportCO” performs support services for a client, its engineers have to remotely access the client’s IT systems — that means handling thousands of sensitive account credentials and a LOT of privileged access. However, SoftSupportCO was storing clients’ usernames and passwords in Microsoft Word and Excel files, completely at the mercy of hackers! Also, support engineers were sharing the same set of credentials among themselves. So, there was no audit trail for accountability in case something were to go wrong. And there was no monitoring of customer endpoints to ensure that a rogue agent couldn’t misuse their access. All of these put SoftSupportCO and their clients at high RISK. Any small slip-up could have made news headlines and cost both parties millions of dollars.

Sennovate's Solution

Sennovate helped SoftSupportCO implement a solution built around Thycotic’s Secret Server, beginning with the labor-intensive task of migrating thousands of client credentials from Word/Excel files to a password vault (using AES 256 bit encryption) with:

  • Powerful features for password management
  • Granular access controls and access approval workflows
  • Password injection (so that credentials are never exposed to support engineers; they pass directly into the application when remote access is granted)
  • Live session monitoring at client endpoints

We also created custom reports to help meet internal and external requirements.

Remote Support Services Security

The Results

With their new Privileged Access Management solution in place, SoftSupportCO can rest assured that their clients’ sensitive credentials are safe. And, perhaps more importantly, they now have processes in place to help prevent costly security breaches by ensuring that only the right people have access to the right resources at the right time and that access is only used for the correct purpose. Instead of worrying about security, SoftSupportCO can now focus on producing happy customers and growth.

Need help with Securing Remote Access for Support Engineers? Get started with a FREE consultation from Sennovate!

FREE Consultation