Consolidation and upgrade of legacy privileged identity and access management solution

304

Service: Executing projects
Sector: Life sciences
Area of expertise: Executing projects

THE SITUATION

A global pharmaceutical company needed to upgrade and consolidate their existing Privileged Identity and Access Management (PIM / PAM) infrastructure. There were two primary reasons for this, first, the existing infrastructure was approaching end of support. Second, the organization did not have a centralised PIM platform, but several independent PIM platforms operated by individual business units. Each platform covering a different network environment and spanned across IT, OT and cloud in total.
This posed both cost and security challenges, due to a lack of a central overview of privileged access and accounts in the organization and increased costs due to running several PIM solutions in parallel.

WHAT WE DID

Kopenhagen Konsulting led the consolidation and implementation of a new PIM solution. The project scope was end-to-end, meaning all phases was planned and executed by Kopenhagen Konsulting in close collaboration with the service provider and internal stakeholders, such as IT and security architects and engineers representing different network domains that would be affected by the consolidation. The service provider that would operate and maintain the solution on behalf of the organization was involved in all project phases as they had the role of implementation partner. The project was closely followed by C-level management because of the security and operational implications for the entire organization.

The project consisted of five phases:

  1. Planning, design and contract negotiation
  2. Kopenhagen Konsulting assisted the system owner and manager in negotiating new arrangements for both application maintenance and infrastructure
  3. New system management team onboarding and data and user migration
  4. Hypercare and user support
  5. Implementation

THE OUTCOME

Kopenhagen Konsulting’s involvement resulted in the planned consolidation and upgrade of three existing PIM solution into a single unified platform, covering all network domains. The new solution was cheaper to host, due to the less complex infrastructure and safer than the previous and more than 1.000 privileged accounts were removed from the three networks. The new solution was designed to be easily scalable and as a result the organization immediately started to plan an expansion of PIM coverage to include cloud environments and other elements not part of phase one.