How the pharmaceutical leader Sanofi successfully protects its global Active Directory infrastructures

Use Case

How the pharmaceutical leader Sanofi successfully protects its global Active Directory infrastructures

Sanofi is a global and leading pharmaceutical company committed to improving healthcare access. From prevention to treatment, Sanofi transforms scientific innovation into healthcare solutions in fields such as human vaccines, infectious diseases, and diabetes. This leadership is mostly based on the massive R&D investments made by Sanofi so far. The pharmaceutical group has greatly increased its presence abroad especially in emerging countries. Today, it counts more than 100,000 employees in 100 countries and 87 manufacturing sites in 38 countries.

Keyfacts

Benefits
Bird’s-eye view of the company’s infrastructure security
Harmless to critical infrastructures such as production chains
Continuously refined remediation and improvement plans
KPI’s
1 centralized Alsid console for the entire perimeter
25+ domains in 10+ forests
360 000 protected users spread over 170 countries
Interlocutors at Sanofi
1 Security Manager
2 Security Engineers
2 Active Directory Architects
Alsid dedicated team
2 Senior AD Security Engineers
1 Technical Account Manager
1 Customer Success Manager
Integration plan insights
6 months to fully monitor every Sanofi domain
Zero risk on production IT operations
Intensive training sessions with internal and external Sanofi teams
Challenges
Solutions

The growing numbers of people and locations has led to a more complex environment, representing a bigger attack surface. With its numerous facilities worldwide, what is the probability of one end user’s endpoint becoming compromised ? Through a basic phishing campaign, this is almost a child’s play for an attacker to get into the company and explore the entire network using only native Active Directory commands.

On top of that, Sanofi is subject to strong legal regulations on its production chain. For instance, concerns about the doses of a vaccine are enough for legal measures to force Sanofi to withdraw from the market the entire production of vaccines, causing thousands of dollars in losses. Since facilities are more and more interconnected, adequate security measures must be taken.

As the security backbone of the Information System, Active Directory was one of the central components being used to monitor and protect these production environments. The challenges for Sanofi were to find the right solution able to protect its worldwide perimeter and to have the security of these Active Directory environments consolidated in one place.

By answering precisely and appropriately its current needs, CISO’s team identified Alsid as the most effective way to tackle Active Directory risks at their root, instead of dealing with the effects.

One of Sanofi’s main goals was to shed light on the different sets of policies, configurations and data within the group to detect inconsistencies, vulnerabilities and/or malicious behaviors. Alsid’s platform manages multiple infrastructures and allows Sanofi to have a global view of all these security parameters at a glance through a unique console. Delegation rights, password policies, authentication protocols, GPOs, among others are now perfectly managed and controlled by Sanofi’s teams. The size and constant evolution of the AD perimeter is no longer a source of security risk for the company.

Sanofi increased its security boundaries even further by elaborating a global security roadmap plan thanks to Alsid’s recommendations. Using the prioritization and technical cost analysis provided by the product, Alsid helps to precisely define the milestones and technical means required to head toward a state-of-the art Active Directory for the whole environment.

By deploying Alsid’s solution on our global perimeter, we
gave stakeholders much-needed visibility of corporate
cyber-security risks.
Jean-Yves POICHOTTE
GLOBAL HEAD OF IS CYBER-SECURITY

Results

Worlwide Active Directory infrastructure coverage

The Alsid deployment was completed in a flash. Without having to install an agent or requiring administrative rights, the whole AD perimeter of Sanofi was smoothly put under monitoring – including the numerous entities and international subsidiaries of the pharmaceutical group. The implementation of the solution was completely transparent to the 360,000 AD user accounts and had no impact on Sanofi’s employees’ day-to-day activities. Using unrivaled Alsid Indicators-of-Exposure, Sanofi was able to identify and tackle major security risks within its corporate environment. Since then, the company has been preventing all security regressions on its infrastructures using Alsid’s real-time monitoring.

Continuous protection of highly critical assets

R&D data is a strategic target for crime organizations, rogue states, and competitive players. To that extent, preventing sensitive data leaks by enforcing strong security boundaries on the core system securing user access is key to ensure strong market positions in the pharmaceutical industry.

Sanofi chose Alsid for its ability to go beyond the classical event log correlation approach to consider the entire risk spectrum. In this way, Sanofi was given all the necessary tools to successfully tackle ever-evolving and ever-increasing attack vectors. By interfacing Alsid’s real-time capabilities to its SIEM infrastructures, Sanofi became able to immediately react to any new attack vector and protect its infrastructure before damage can been done.

Adaptable to fit modern corporate environments

Alsid and its certified partner network provide not only the most advanced product for Active Directory security, but also a complete solution adaptable to any corporate environment. By listening carefully to Sanofi’s issues and specificities, Alsid’s engineering teams gained a deep understanding of Sanofi’s needs and designed tailor-made propositions. In addition, the pharmaceutical group was offered to exchange with Alsid Active Directory security researchers to discuss specific risks and identify their root causes. This has been made possible notably as part of the user committees organized by Alsid’s support team to gather client feedback.

Worlwide Active Directory infrastructure coverage

The Alsid deployment was completed in a flash. Without having to install an agent or requiring administrative rights, the whole AD perimeter of Sanofi was smoothly put under monitoring – including the numerous entities and international subsidiaries of the pharmaceutical group. The implementation of the solution was completely transparent to the 360,000 AD user accounts and had no impact on Sanofi’s employees’ day-to-day activities. Using unrivaled Alsid Indicators-of-Exposure, Sanofi was able to identify and tackle major security risks within its corporate environment. Since then, the company has been preventing all security regressions on its infrastructures using Alsid’s real-time monitoring.

Continuous protection of highly critical assets

R&D data is a strategic target for crime organizations, rogue states, and competitive players. To that extent, preventing sensitive data leaks by enforcing strong security boundaries on the core system securing user access is key to ensure strong market positions in the pharmaceutical industry.

Sanofi chose Alsid for its ability to go beyond the classical event log correlation approach to consider the entire risk spectrum. In this way, Sanofi was given all the necessary tools to successfully tackle ever-evolving and ever-increasing attack vectors. By interfacing Alsid’s real-time capabilities to its SIEM infrastructures, Sanofi became able to immediately react to any new attack vector and protect its infrastructure before damage can been done.

Adaptable to fit modern corporate environments

Alsid and its certified partner network provide not only the most advanced product for Active Directory security, but also a complete solution adaptable to any corporate environment. By listening carefully to Sanofi’s issues and specificities, Alsid’s engineering teams gained a deep understanding of Sanofi’s needs and designed tailor-made propositions. In addition, the pharmaceutical group was offered to exchange with Alsid Active Directory security researchers to discuss specific risks and identify their root causes. This has been made possible notably as part of the user committees organized by Alsid’s support team to gather client feedback.

Contactez-nous

Découvrons ensemble comment Alsid peut améliorer la sécurité de vos infrastructures d’annuaire

Contactez-nous