CyberArk is the leader in the Privileged Access Management (PAM) market with more than 6,000 deployments in 90 countries, including more than 50% of the Fortune 500 companies. Customers are using CyberArk solutions to protect their highest-value information assets, infrastructure, and applications.
In most cases, the Cyberark solution installation or upgrade can be completed within a few days of engagement, or even be quicker if you chose to deploy your CyberArk solution in a cloud environment such as Azure, AWS, or CyberArk® Private-Cloud™. But what about large environments that require the scalability to provide service for a massive volume of accounts?
SEGMENTECH worked with a leading financial sector customer to analyze the current manual process of upscaling/downscaling their CyberArk environment and the process of creating new CyberArk environments.
Below are the main challenges we found in our analysis:
1. Changes – Most of the outages or errors in the CyberArk live environment caused by human error.
2. Standard – In a large implementation, with multiple vaults and CyberArk’s components, there was a discrepancy in the configuration of each environment.
3. Timelines – The deployment or upgrade of CyberArk in a large organization can take up to 3 to 6 months.
4. Scalability – The company had to manage a massive amount of servers to support its service continuity and to provide non-production environments for the engineering teams and testers.
5. Resources – Each deployment requires cross-functional teams and resources to coordinate the operation
These challenges are something you can find in the deployment of every robust software solution in an enterprise environment, and we decided to improve the current process with orchestrated automation. The first step was analyzing the installation and upgrade workflows and creating a new End-to-End workflow that can handle the deployment, upgrade, and decommission of each software component that requires scalability. Once we had the process aligned with CyberArk recommendations and industry best practices. We then moved to the second step: automating the workflow with tools such as Jenkins as an orchestrator and BitBucket as a central CICD repository.
The POC of automating the CyberArk installation process was a great success. It provided the customer with a set of automated procedures to provision new environments within a few hours. Today, the customer is asking to deploy to production with automation and expand CyberArk automation to other components, including the Vault. Using the developed orchestrated automation implementation reduced the risk of an outage and created a single implementation standard across all the component servers. It reduced the time of implementation and made the SecOps and engineering teams available to other essential tasks.
The bottom line is: Automation saves money!
Are you ready to take your PAM implementation to the next level of automation? Talk with us today to learn more about our experience and how we can assist you with software automation.