Holcim uses Safeguard to protect privileged users and critical data

[MUSIC PLAYING] My name is Samuel López. My role is User Lifecycle Supervisor in the Holcim company where I'm working in the EMEA Digital Center, physically located here in Madrid. And as part of my daily basis, I manage, together with my team, the identity and access management topics in the EMEA region for the workforce and also for the business partner. Holcim is a Switzerland-based company. We have been positioning for year as a thought leader in the cement, ReadyMix, and aggregate production. And nowadays, we are also extending in the product and solution market with the clear ambition to make the cities more green and more sustainable and also with the ambition to improve the diversity and to foster the community through the more than 60,000 employees that we have worldwide. The security risks for Holcim and for the industry are not much different than other industries or business. So basically, we have the ransomware, which is something which concerns us nowadays. And this is something which is there, and we have to be protected and even already hit at another company. We prompted to start looking for a privileged asset management solution because we certainly need to improve the control of the privilege access in our company. So we basically understand that the privileged user are the one which are more risky and the one which has to be better protected. And we decided to put in our roadmap, and the identification, and also the installation of the privileged asset management solution. We identified that the one provided by One Identity is the one better fulfilling our requirements because it is not only managing the standard staff such as Windows, Linux, and this staff. It is go one step beyond and also add an additional value, mainly in the protection of our ERP, which is based in SAP. And it was maybe the key factor to select the solution provided by One Identity. The process now for Safeguard is a little bit more simple, more straightforward. So the privileged user who needs to elevate on their daily basis has the possibilities or basically they can go to the system and do their job. In terms of business value and business benefit, maybe the most important one and the one that I will highlight today is risk reduction. So it is really key to be able to keep under control the privileged access user. And especially in the ERP, because in the ERP it's basically the system which is used to manage the money. Implementing multi-factor authentication for privileged access management, so for privilege user, it is even more important. And here, one additional suggestion in terms of multifactor authentication, I would say that any multifactor authentication is not enough. So nowadays, it's not enough to receive a code through SMS in the phone because we have the SMS phishing and this kind of attack, or magic click in the email. So it is important to go one step ahead. If someone is concerned about the lessons learned that we get implemented, privilege and access management solution, first thing that I would suggest is to understand what really matter for the organization, what is important, or what is the one fulfilling better the requirement? What is the most convenient in terms of pricing? What is the most convenient in terms of quality for the professional services associated with the solution? Because it is important to understand that the privileged and access management are not normally just a project. It is normally a program. So you need to have a continuity, and you need to have it running during a time. So you should not think only to have a software. You should have a software and also a business partner working with you during the process. [MUSIC PLAYING]