Client Cases Studies and Industry Recognitions at senhasegura

Confidential Document Internal Use Only Client Cases Studies and Industry Recognitions

Clients and Industry Verticals senhasegura operates in all sectors and verticals of the industry. Check out some of the companies that trust senhasegura`s team.

Clients and Industry Verticals Seven million clients and more than 120 years of history. A company with these attributes needs its credentials protected to remain even more secured. TIM, the mobile carrier with the largest internet coverage in Brazil, is strongly focused on innovation, security, transparency, and process agility. Tenda is one of the largest construction companies in the country. With a nationwide presence, they have finished over 85,000 ventures. Among the largest insurers in the country, Liberty Seguros has conquered the Brazilian market by meeting its customers demands for quality insurance. Our unique service has made it possible to deploy senhasegura at a company great for its figures, its history, and especially, for its potential. senhsegura was chosen by Tenda as the most effective in privileged credential management. Modularity of our solution was a key factor in the bidding process. For Liberty, senhasegura was the only one that created complex approval workflows of high privilege credentials that comply with processes with maximum adherence. TIM has chosen senhasegura to deploy identity management in a complex environment, where the most diverse operating systems and platforms coexist.

Clients and Industry Verticals Catho, a ground-breaker in the online recruitment segment in Brazil, has more than 7 million registered CVs and receives more than 3,000 new ones every day. Atacad o, a Carrefour wholesale company, has chosen senhasegura because of our flexibility to adapt the deployment project assumptions. For over 40 years, JOFEGE has been offering a wide range of integrated engineering solutions, processes, products for civil construction, and environmental quality. Rico is an online investment platform, founded in 2011. Its purpose is to provide the best financial services to a portfolio of more than 200 thousand clients. Aware of the responsibility of storing their customers critical data, Catho chose senhasegura to protect their environment and achieve audit objectives. senhasegura has provided hardened appliance and made customizations still on proof of concept. Our service and pricing policy were decisive in this choice. senhasegura was elected to protect credentials and confidential information of JOFEGE in the OPEX model, enabling deployment with no great impact on initial cost. Rico has signed contract with senhasegura after an evaluation period of our solution, allowing it to be offered at a great competitive price.

Clients and Industry Verticals MediaPost, as part of the mail marketing market, needs secure infrastructure for their 350+ senders distributed across multiple data centers. Prudential, a global insurance company with operations in several countries, has chosen senhasegura as the solution to control generic credentials in its Brazilian operation. As a globalized company, the Furukawa Group understands the necessity of identifying and developing products and solutions that meet client expectations. Dataprev is a public company that provides Information and Communication Technology solutions to improve and implement Brazil s social policies. The flexibility of our engineering team to integrate the solution with Cloud services was decisive, as well as the security of counting on us nationwide. The service speed and robustness of the tool were fundamental to Prudential in the process of choosing the ideal solution for credential management.

Clients and Industry Verticals With millions of transactions completed every year since 1996, Cred-System is a company highly specialized in granting credit to various segments. Through a series of technology and infrastructure solutions, Cetip contributes to sustainable development of the financial market and Brazilian society Rede is one of the leading companies in the national electronic payment market, continuously striving to offer increasingly client-focused services. Over more than 170 years of history and present in Brazil since 1976, C&A works with ethics and focus so that all of its customers are always satisfied. The operations of more than 15,000 financial institutions and millions of people who use Cetip s services are adequately protected through senhasegura solution. Cred-System business requires a robust solution such as senhasegura, which provides maximum protection for critical information in the environment.

Clients and Industry Verticals Col gio Bom Jesus has been in Brazil for 120 years to build an ideal vision of peace while simultaneously raising its education quality standards. Growing with simplicity is the key to Cooperativa Santa Clara s success in continuing a history of more than 100 years running a long productive chain. The Official State Press of Par is increasingly investing in technology, in the quality of its products, and in excellent service to their clients. Seguradora L der-DPVAT is a Brazilian enterprise formed by insurance companies responsible for the entire traffic accident claims nationwide. Ensuring that the computer center is properly secured against unauthorized access through rapid deploument with minimal impact on the client. The challenge of the senhasegura team was that the entire production chain and its processes were not interrupted during the PAM solution deployment project. The critical services offered by Imprensa do Par need a complete privileged access management solution with agile support, ready to meet all demands. Engaging the whole team was essential for the senhasegura project schedule to be run from kick-off to the delivery of the Project Acceptance Term.

Cases

Client C (Financial institution with more than US$ 300M in revenue) senhasegura helps protecting more than US$ 26.1 B in financial transactions Case is public Client name under NDA Situation Client C processes over 26.1 billion financial operations in 2019 Problem NIST Cybersecurity Framework not compliant Solution senhasegura offered a hardware solution along with Load Balancing for highest availability and fault tolerance Results Downtime reduced to less than 1% Maturity gain over its use of PAM Reduction of response time to security incidents Reduction of training and deployment costs 100% of Digital Certificates in the environment are managed by senhasegura Customer could achieve compliance requirements senhasegura manages and helps protect more than 2.200 devices and 5.000 privileged credentials in a complex and critical environment No traceability over actions with personal administrative accesses Due to its critical activities, Client C needs maximum infrastructure availability Removal of all personal administrative accesses and access perform through impersonal privileged credentials Lack of management over Digital Certificates Certificate Management solution fully integrated with the PAM Platform

One of the largest e-commerce companies (1.6 U$ BILLION REVENUE) Enabled DevSecOps at one of the largest e-commerce companies Situation DevOps Pipeline (CI/CD) with thousands of secret hard-coded keys Problem Shared secrets caused malicious user to act without accountability Solution Integrate senhasegura to DevOps pipeline with gitlab, kubernetes to scan discovery applications, access keys hardcoded and rotate it during deploy Results 100% Applications and AWS secret keys mapped +40% of AWS unnecessary users were deleted reducing the attack surface and therefore the risks +200 Admin developers operating the Pipeline with DevOps systems Changes made without accountability caused more operational errors and allowed malicious activities to contribute with data leakage and unavailability Integrate senhasegura to AWS and GCP to automatically identify ephemeral servers and manage credential and record sessions trough AD authorization +80% Admin access recorded and audited 4K cloud permanent servers 20K ephemeral cloud servers Customer was able to accelerate their DevSecOps initiative +2K of hardcoded access keys with indiscriminate usage Company couldn t control access proliferation and also not guarantee security governance Indiscriminate privileged access to cloud servers with no traceability

8th Biggest Telco in the world Certificates, SSH keys & PAM managed in one single platform Situation Complex and huge telecommunication network with more 100k devices distributed geographically; Problem With no clear policy, machine identities are been created without governance makes it almost impossible to have control of this identities and access. Solution We ve deployed senhasegura platform to manage the lifecycle of machine identities with high availability and disaster recovery over 3 distributed datacenters; Results The project is still under deployment but the costumer already had: Centralized view of ssh keys, credentials and certificates 3 huge geographic distributed data center with ssh keys, certificates, and local passwords; It is impossible to create a security control center for machines identities and have a clear visibility of this identities. We scan and discover all privileged credentials, ssh keys, certificate with senhasegura s discovery trough more then 10.000 devices, multiple Cas. Lifecycle management for ssh keys and certificates. Ghost SSH Keys and certificates in many IT devices on premises and on cloud; Reduction of ghost ssh keys and unused credentials This allow ghost identities and security attack vector that can be exploited Automated identities rotation and renew for Credentials, SSH Keys, Certificates Reduction of application outages due to certificate expiration

2nd Biggest payroll database in the world Brazilian Gov Data Processor reduced over 97% of unauthorized access Situation Multi region distributes; Problem Shared secrets caused malicious user to act without accountability: Solution We've isolated devices access with secure gw with high availability and disaster recovery; Results +96% Reduction of local static passwords 3 huge data center with more than 6K devices to store and process critical social security; +1.1 K users lost direct access to infrastructure It was impossible to define a security perimeter; We recorded all sessions with senhasegura's cluster security gateway with multi factor authentication trough hardware certificate token; Payroll data from more than 90 million Brazilian's citizens; +300 privileged sessions recorded and stored per day Did not allow security accountability and didn't inhibit attackers; Fixed local password; +Real time user behavior integrated to SIEM (IBM) With our user behavior mechanist integrated to SIEM and access integrated to ITSM tool alert behavior deviation Indiscriminate privileged access from almost any IT device: Their simple authentication method made it easy to impersonate another person. Customer could eliminate more than 97% of unauthorized access No privileged access recording. Automated password rotation job avoid password sharing.

Large retail bank (+5 THOUSAND BRANCHES WORLD, + 13 MILLION CUSTOMERS) Bank uses senhasegura to reduce privilege abuse by 94% Situation Complex and huge telecommunication network around the world Problem Huge surface were exposed to eventual malicious attack Solution Integrate senhasegura to all devices through SSH and created a Second Factor Authentication to have access to local user Results +98%Local password rotated automatically in less than 4 hours Malicious configuration could be placed without them knowing by whom +5Kof privileged configuration changes audit with an 94,5% reduction in privilege abuse Mores than 5K branches and more than 8K network devices with local admin users fixed without password rotation Automatically audit privileged changes in environment alerting for deviations or misuse of privileged credentials PCI DSS and SOX not compliance Customer could achieve compliance requirements No strong privileged configuration monitoring Business credibility could be compromised at any moment +indiscriminate privileges configurations changed without and auditing