REMEDIANT IS NOW PART OF NETWRIX  READ PRESS RELEASE

Blog
Get a Demo
  • There are no suggestions because the search field is empty.
Contact Us
Get a Demo

Customer Stories

    Use Cases

     

    Watch this video to learn about Zero Standing Privilege (2:08)
    Blog
    Get a Demo
    • There are no suggestions because the search field is empty.
    Contact Us
    Get a Demo

    Customer Stories

    Use Cases

     

    Watch this video to learn about Zero Standing Privilege (2:08)
    Menu
    Contact Us
    Blog
    Get a Demo
    • There are no suggestions because the search field is empty.
    Cybersecurity
    lockheed-logo

    Security Without Compromise

    Remediant helps Lockheed Martin achieve instrumented compliance for privileged access.

    At a Glance

    Cyber DFARS Program Office sought a highly-scalable solution that coupled multi-factor authentication (MFA) and dynamic privileged access, and could meet compliance requirements (NIST SP 800-171) while minimizing impact to operations.

    150,000

    Devices managed globally

    1

    FTE managing globally

    4

    Hours to deploy & scan

    The Background

    In response to an ever-increasing number of data breaches involving government data, the Department of Defense (DoD) mandated, effective December 31, 2017, the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting, which levies far-reaching security requirements on all defense contractors and their subcontractors who store, process or transmit “covered defense information” (CDI) on a DoD contract.

    The clause requires, among other components, compliance to 110 security controls defined in NIST Special Publication 800-171, with emphasis on network access and administrator privileges. In late 2016, industry giant Lockheed Martin established a Cyber DFARS Program Office to implement enterprise-wide solutions.
    lockheed-martin-dims

    The Challenge

    Lockheed Martin needed a highly-scalable solution that coupled multi-factor authentication (MFA) and dynamic privileged access, and could meet compliance requirements while also minimizing impact to ongoing operations. The team started by evaluating a broad selection of legacy password vault solutions, as this mature technology was already in use across parts of the company.

    It was determined that legacy password vault solutions could not meet the requirement for dynamic privileged access, and that the Remediant solution would be easier to deploy, more secure and able to continuously inventory the distribution of privileged access across Lockheed Martin’s systems. Lockheed Martin considered in-house resources to design and develop a Privileged Access Management (PAM) solution. However, internal development would be an expensive and time-consuming process that would distract from other security priorities in the near-term and build in an ongoing cost to the department.

    While the option of in-house development remained on the table, Lockheed Martin’s Corporate Information Security team continued to look for an innovative partner that approached the problem from a new angle.

    “When seeking a PAM solution that could meet our requirements, ease of integration, reliability, and scale were all critical, and we couldn’t afford to compromise in any of those areas. We needed a solution that the information security marketplace simply didn’t offer at the time.”

    Mike-Gordon-lockheed-martin

    Mike Gordon
    Deputy Chief Information Security Officer,
    Lockheed Martin

    The Solution

    Working in various information security-related roles in biotech and security consulting-led Remediant’s founders to the same conclusion: it was time to forge a new path in the world of privileged access. 

    SecureONE is based upon three main principles:

    • Utilize the user’s own account for privileged access - not a generic or shared account which creates audit/traceability and compliance challenges.
    • Make the tool extremely easy to use, including a responsively-designed web interface and API-first architecture that is easy for administrators, DevSecOps, operations and information security teams to manage. 
    • Without installing agents, continuously scan for changes in privileged access across the enterprise, bringing a new level of insight and control over privileged access.

    Stopping lateral movement calls for being careful about how privileged access is allocated. SecureONE takes a fully dynamic approach, assigning privileged access solely to the endpoints the administrator needs, and only for a specific time period. Even if administrator usernames or passwords are stolen, the zero-privilege baseline for protected endpoints
    ensures that compromised accounts cannot be used to access systems, nor move laterally through the network.

    During a security conference in Las Vegas, Lockheed Martin had their first glimpse of SecureONE, Remediant’s solution for managing privileged access. Impressed with what they saw, Lockheed Martin immediately requested a Proof of Concept deployment to test the solution’s features and scalability.
    “It’s rare to find a simple solution that simultaneously improves compliance, operations, and security. Granting full administrator rights, Just-In-Time, to individual systems, improves administrator support coverage while drastically limiting lateral movement risk! Remediant SecureONE builds on the solution by offering multi-factor authentication, continuous admin inventory, full logging of when individuals access specific systems, and enterprise scalability.”
    chad anderson lockheed martin

    Chad Anderson
    Cyber Mitigations Architect, Lockheed Martin

    The Result

    Compliance does not equal security, but solutions that clearly demonstrate improved security and compliance are surprisingly difficult to find. By making it easy to protect privileged access with MFA and continuously detecting any unauthorized privileged access, SecureONE accomplishes both.

    In a matter of weeks, Remediant provided a dynamic, scalable PAM solution with minimal disruptions to Lockheed Martin’s 150,000+ endpoints. Today, Lockheed Martin meets its NIST SP 800-171 requirements while significantly enhancing operational security.

    Today, SecureONE provides just-in-time administrator rights across the Lockheed Martin ecosystem, in countries around the world.
    Lockheed-Martin-cyber-security-centre
    lockheed-martin-customer-story
    “Remediant worked an aggressive timeline and a full-lifecycle implementation across the global enterprise to provide added security for our desktop administrators. We call it ‘Instrumented Compliance’, which means not only being compliant but, more importantly, being able to continue to assure our customers and employees that we are protecting their critical data.”
    Joel Johnson

    Joel Johnson
    Cyber DFARS Program Manager, Lockheed Martin.

    Get a demonstration of Remediant SecureONE today!
    See first hand how to stop lateral movement & prevent ransomware attacks by removing 24x7 admin access.
    Schedule Your Demo Now

    More

    Customers →
    Customers

    Read

    Use Cases →
    Use Cases

    Browse

    Resources →
    Resources