With remote-working arrangements adding complexity to its global privilege access management, the firm went for a third-party solution

Travel technology firm Fareportal handles over 500m site visits from people seeking travel experiences of every nature. However, since the shift to remote-working during the COVID-19 pandemic, managing and controlling privileged access by its over-100 staff across its United States and India offices had become increasingly complex.

According to the firm’s director of information security, Pooja Bansal: “Managing multiple privileged accounts was a significant challenge. We had to manually on- and off- board privileged user accounts and passwords and did not have a unified view to oversee them. Passwords were recycled inconsistently, and some administrators even used the same password across multiple domains.”

With these factors in mind, the firm’s leaders resolved to improve its security management, reduce risk and gain greater privileged-access control and visibility where IT teams have clearer insights into who is accessing what. They can then “worry less about privileged access and focus more on delivering high-value customer service and experience improvements,” Bansal said.

Clearly, the firm needed a more holistic identity security strategy that covered hybrid working environments, to complement its aim to improve onboarding processes and password practices to enhance compliance with standards like ISO 270001 and PCI DSS.

Subsequently, Fareportal deployed a third-party identity security platform to map all privileged accounts to its existing corporate user directory. The firm’s privileged users now only need their corporate IDs to access their accounts instead of needing multiple identities. Credentials and passwords are hidden from users, and are automatically granted and. Furthermore, any identity — whether human or machine — can be mapped to any resource or environment from anywhere, via any device.

As a result, Fareportal estimates that cybersecurity management efficiencies have improved by as much as 60%. In addition, the firm can now meet regulatory demands more easily due to the streamlined audit and reporting processes facilitate by the identity security platform. Said Rohan Vaidya, Area Vice President (South Asian Association for Regional Cooperation & India), CyberArk, the firm providing the platform, Fareportal’s decision to tighten identity security enables stronger “levels of control, management and security for all its privileged identities, adding a critical layer of protection to the company’s key assets.”