MThree Consulting are engaged with a Tier 2 investment bank with a strong focus on the commodities market, after initial audits highlighted various findings we found that the institutions Privileged Access Controls were in need of review.
What We Are Doing
- Implemented a global and automated front end solution for Access Request Management.
- Removed persistent admin access to production systems using Hitachi Privileged Access Manager (HiPAM) as a security gateway. This includes application front end for 3rd party hosted systems as well as underlying infrastructure for internally hosted applications.
- Created the ability to log and monitor sessions (including executed commands and keystrokes) to Operating systems and Databases using HiPAM.
- Performed analysis on the bank's application architecture to identify mission critical applications needing more stringent controls.
- We are now in the process of remedying the findings to ensure a secure environment.