A case study on the enterprise-wide deployment of a fully integrated privileged account management solution, the potential deployment challenges, and the numerous post-deployment security and productivity benefits.
Challenge: Provide Regulatory Assurance Separately for Technical and Operational Environments
Miami International Holdings (MIAX) is a fully electronic options trading exchange approved by the SEC as a national securities exchange on December 3, 2012. Its trading platform has been developed in-house and designed from the ground up for the unique functional and performance demands of derivatives trading. MIAX Options now lists and trades options on over 2,300 multi-listed classes. MIAX Options’ unparalleled system throughput is in excess of 38 million quotes per second with an average latency for a single quote being 15.89 microseconds.
As part of the process to open as a U.S. Securities Exchange, MIAX had to satisfy a multitude of security criteria. Auditing and logging were two critical requirements for MIAX. They needed a way to perform full keystroke logging of any activity in their critical systems. MIAX chose to deploy PowerBroker for Unix & Linux due to the high availability requirements of the hosts. It allowed them to not only capture all admin activity, but also provided full forensic auditability of the entire critical environment.
We required a solution which could handle the high demands of our environment, but yet not get in the way of our Admins daily job of managing the complexities of the environment. The PowerBroker for Unix & Linux solution helped us satisfy the ‘full auditability and accountability’ requirement of our trading system in an unobtrusive manner. – John Masserini, CSO, Miami International Holdings, Inc.
As MIAX grew and expanded into other business ventures, they needed to provide regulatory assurance of total separation of the technical and operational environments. MIAX wanted to ensure that any solution would position them to maintain and enhance the entire privileged access management process as well as provide strong auditability for the separation of the various environments.
With concerns about proxy-type solutions being able to keep up with the key capture requirements of the operational environment, MIAX required a solution that integrated with previously installed SSH applications on the local desktops.
After a series of proof-of-concept evaluations, MIAX selected PowerBroker Password Safe. By deploying Password Safe, MIAX was able to provide a single login to the user and allow them to ‘pick and choose’ what environment needed to be accessed and with which account.
BeyondTrust PowerBroker Password Safe Privileged Account Management solution automates privileged password and privileged session management, providing secure access control, auditing, alerting and recording for any privileged account – from local or domain shared administrator, to a user’s personal admin account, to service, operating system, network device, database (A2DB) and application (A2A) accounts – even SSH keys, cloud and social media accounts.
Read the entire Case Study here:
For more on Identity and Access Management, view these articles.
Copyright © 2002-2020 John Masserini. All rights reserved.Share!