BeyondTrust helps RWE Supply & Trading

Leading pan-European energy trading house meets tight budgetary and regulatory constraints through ongoing use of BeyondTrust cyber security solutions.

  • 9 years ago Posted in

BeyondTrust is helping RWE Supply & Trading, a leading pan-European energy trading house, reduce security risks while meeting budgetary and regulatory constraints.

RWE Supply & Trading is a leading energy trading house, and a key player in the European energy sector serving as the interface between the global wholesale markets for energy and energy-related raw materials, and the RWE Group, one of Europe’s five leading electricity and gas companies. The European energy sector is undergoing fundamental changes, with subsidised expansion of renewables causing margins and utilisation of conventional power stations to decline, thereby requiring energy providers to reduce costs. But against this cost reduction, energy providers such as RWE Supply & Trading cannot sacrifice security.


As part of its ongoing strategy to protect and continually strengthen its IT security posture, RWE considered the tightening of administrator rights to ensure that users download only applications applicable to their responsibilities and mitigate the risk of rogue software and potential harmful malware damaging its critical IT systems. However, RWE was also concerned that simply removing admin rights from employees would hamper productivity, especially in an environment that makes extensive use of Citrix VDI technologies. As the IT Security Architect for RWE Supply & Trading, Loucas Parikos explains, “We wanted to reduce the attack surface and our chances of being exploited…” without negatively impacting on a productive work environment while meeting all regulatory constraints.


Following an extensive evaluation and Proof-of-Concept phase, RWE selected BeyondTrust PowerBroker for Windows which has allowed the company to eliminate ad-hoc admin rights on all users’ PCs as well as allow fine grained control of privileges on the Windows Servers. With PowerBroker, RWE is able to control the functions permitted on servers, whether accessed by local employees, contractors, employees from other divisions, or by groups to which RWE outsourced.
Once local admin issues had been resolved, Parikos next moved on to reducing its attack surface and vulnerabilities across all IT resources. After undertaking another Proof of Concept of several vulnerability management products and an extended evaluation period, RWE deployed Retina CS from BeyondTrust to scan its disparate and heterogeneous environment to identify security exposures using the results in a consolidated set of actions based on specific vulnerabilities found during the scans. “The reporting capabilities provide insight and help us prioritise our risks across the entire environment based on industry data about specific vulnerabilities,” Parikos noted. The project was capped by a final stage that used the PowerBroker Password Safe to track who accessed various privileged accounts on RWE’s estate of 1000+ Windows servers and 200+ UNIX systems to enable detailed audits of what had been done during each access session.


The entire solution is managed by the BeyondTrust BeyondInsight platform to provide a top level and real-time view of what applications are used by its Windows users, the vulnerabilities in its assets, and the actions of privileged users on its Windows and UNIX servers. The success of the solution has helped RWE retain its strict regulatory and industry best practice security controls and according to Parikos, “Our initial success in working with BeyondTrust to eliminate admin rights propelled us to seek other components that could also be monitored from BeyondInsight. The reporting capabilities and recommendations are excellent, and the more assets we scanned, the more useful those insights became in prioritising our remediation efforts.”