The massive spike in ransomware attacks in 2021 – up 105% worldwide, according to SonicWall – left cyber insurance companies facing an exponential increase in claims at the end of last year. In response, insurers tightened their requirements this year, releasing a long list of specific conditions companies now need to meet in order to qualify for a policy. Among those conditions is the enforcement of multi-factor authentication (MFA) on resources across the hybrid environment, including on cloud-based email, remote network access, as well as internal and external admin access.
The stringent new requirements came as a surprise to many organizations including High Touch Technologies, a Wichita, Kansas-based firm specializing in custom software and managed IT solutions for healthcare, manufacturing, and utilities companies based in America’s heartland.
“We found that the requirements had changed pretty dramatically,” says Hugh Christiansen, an enterprise solutions architect with High Touch. “In particular, we saw that MFA was being mandated not just for cloud services or applications but anything that had admin access.”
Finding a way to enforce MFA across every type of admin access proved a challenge. This is because, despite the focus today on cloud-based services, most companies including High Touch still maintain a significant portion of on-prem resources that can’t be protected by MFA due to the authentication protocols they use (such as Kerberos, LDAP, and NTLM).
As well, High Touch discovered they only had 60 days to identify and implement a new solution in order to retain their cyber insurance policy. “I really didn’t want a multitude of different solutions to meet this particular compliance requirement,” says Christiansen. “I wanted one solution — one interface with a single vendor.” The company engaged with a variety of suppliers and conducted four different pilot trial runs before finding that Silverfort was the only solution that met all criteria.
Silverfort is able to help companies like High Touch comply with new MFA requirements because of the unique nature of its technology. When users request access to a resource (whether cloud-based or on-prem), the identity provider then forwards authentication data directly to Silverfort for additional scrutiny. Once received, Silverfort’s AI-powered risk engine evaluates each request in real time and, if needed, can send an MFA prompt straight to the user. This is especially important for the command-line access tools that admins frequently use, such as PsExec, PowerShell, and WMI.
“We looked at some big names in the industry to help us meet the insurance requirements but Silverfort was the only one that could get it done for us,” says Christiansen.
With time of the essence, High Touch was especially pleased that implementation was quick and painless. Working closely with Silverfort customer success, the company was able to move from decision to roll out in less than 30 days. “In all my years of doing IT work, it was one of the quickest deployments I’ve ever seen, especially for a solution that’s so complex,” says Christiansen. “It was really amazing.”
Having successfully renewed its cyber insurance policy, the High Touch team turned their attention to fully utilizing all of Silverfort’s capabilities for threat prevention. In addition to the ability to easily fine-tune MFA policies, Christiansen was impressed that the solution could also automatically discover and monitor service accounts, including blocking access if anomalous behavior was detected. And all of this with a minimal impact on system domain controllers.
“Quite frankly, our EDRs are much more resource-intensive,” says Christiansen. “Silverfort is a high-impact, low-maintenance piece of the security puzzle.”