.svg)
The Prague Stock Exchange (BCPP) is the largest and oldest organizer of the securities market in the Czech Republic. A stock exchange is a market where the prices of securities or commodities are determined by supply and demand. Its primary role is to connect investors looking to grow their capital with companies seeking new funding. It thus plays a significant role in the entire national economy. The Czech National Bank (ČNB) oversees the Exchange's operations and the overall developments in the capital market.
BCPP operates an ICT environment that includes server infrastructure, virtualization, application and service accounts, and access for both internal and external administrators. Given the increasing demands for cybersecurity, auditability, and access rights management, it became essential to implement a centralized Privileged Access Management (PAM) solution.
The project aimed to eliminate uncontrolled administrative access, prevent password sharing, and ensure full auditability of administrative activities. The scope also included validating the solution through a Proof of Concept and ensuring a seamless deployment into the production environment without disrupting operations.
The project involved an initial infrastructure analysis and identification of privileged accounts, the design of the target PAM model, and the preparation of implementation documentation. This was followed by the implementation of a central PAM platform and its integration with server systems, administrative, application, and service accounts, as well as security tools. The solution included password management and rotation, approval-based access control, auditing of administrative sessions, and disaster recovery capabilities. Functionality was verified through a Proof of Concept, and after its successful evaluation, the solution was deployed into production. The project also included administrator training, enhanced supervision during launch, and customer acceptance of the solution.
The client gained centralized and auditable management of privileged access, significantly reduced security risks associated with administrative accounts, and established unified authorization management processes. The solution enhanced the level of security, supported compliance with regulatory requirements, and laid the groundwork for further improvements in cybersecurity.
“The implementation of the PAM solution brought a fundamental increase in control over administrative access and a higher level of security. We appreciate the systematic approach and seamless support within the operational environment.”
Jiří Renc, IT Director
The collaboration continues in the form of service and system support, along with related development activities for the PAM solution.
