CyberArk PAM Deployment

Multiple remote connectivity methods—Citrix, per-user VPNs with different clients, TeamViewer—were being used across Managed and Professional Services clients. Onboarding and offboarding engineer accounts required hours of configuration, and account access levels were often undocumented, creating inefficiency and security risk.

Over a 4-week period, CyberArk Privilege Cloud was implemented internally and into customer environments, providing web browser–based privileged sessions to RDP and web applications. The solution removed VPNs and disparate tools, improved security and accountability through CyberArk functionality, and streamlined account management using vaulting capabilities. All CyberArk infrastructure was built on Azure.

The platform is being re-architected into its own operational domain and will implement IPSEC VPNs to enable one-way AD trusts. This will further simplify customer account management while maintaining secure, centralised privileged access.