Mitigating identity risk: How a UK-based financial services organisation secured service accounts and strengthened access controls for external advisers
PROTECTED ENVIRONMENT
Two-forest Active Directory (one parent domain, two child domains)
Windows servers, Entra ID, Microsoft 365 Legacy applications using NTLM and LDAP
PROTECTED ACCOUNTS
750 employees
6,000 external advisers
INDUSTRY
Finance
BASED
UK
THE CHALLENGE:
CUSTOMER OVERVIEW
About
This UK-based financial services organisation provides wealth, mortgage, investment, and protection advice through a nationwide network of independent advisers. With a centralised operations team and unified technology infrastructure, the organisation supports thousands of distributed users across a complex identity environment while ensuring secure access to critical business services.
Environment
The organisation operates a hybrid environment built on legacy on-prem infrastructure and multi-domain Active Directory (AD). It manages two forests, including one parent and two child domains, alongside a separate testing forest that does not have a trusted relationship with the production environment. The ecosystem includes Microsoft Entra ID, Windows servers, and Microsoft 365, with many business-critical applications relying on New Technology LAN Manager (NTLM) and Lightweight Directory Access Protocol (LDAP) authentication. Thousands of users, both internal staff and external advisers, access resources across managed and unmanaged devices.
Why now:
Responding to growing identity risk and legacy system exposure
With increasing reliance on legacy on-premises infrastructure and externally accessible systems, the organisation faced mounting pressure to modernise its identity security controls. The team had limited visibility into how Active Directory service accounts were being used, including what resources they were accessing, how frequently, and from which systems. They also needed to enforce access policies across older applications and non-managed adviser devices. As identity-based threats continued to expand and operational complexity increased, the organisation sought a solution that could deliver modern protection capabilities without disrupting business operations or rewriting applications.
Moving forward
What began as a service account discovery and MFA enforcement initiative evolved into a broader identity security transformation. With complete visibility, granular access-based policy control, and adaptive access enforcement in place, the organisation significantly reduced its exposure to identity-based threats—without requiring changes to legacy applications or disrupting users.
Looking ahead, and with ITC’s continued support, the organisation plans to expand coverage by integrating Microsoft Teams to support step-up MFA for privileged users during PowerShell and remote desktop protocol (RDP) access. They also intend to onboard cloud-based non-human identities into Silverfort’s protection model to ensure consistent policy enforcement across on-premises and cloud environments.
About Silverfort
Silverfort secures every dimension of identity. We deliver end-to-end identity security that is easy to deploy and won’t disrupt business operations, resulting in better security outcomes with less work. Discover every identity, analyze exposures, and enforce protection inline to stop lateral movement, ransomware, and other identity threats.
About ITC
ITC Secure (ITC) is an advisory-led cyber security services provider and a Microsoft Solutions Partner with designations in Security, Modern Work, and Infrastructure. The company has a 25+ year track record of delivering business-critical services to over 300 global blue-chip organisations, bringing together the best minds in security, a relentless focus on customer service, and advanced technological expertise to help businesses succeed. With its integrated delivery model, 24×7 fully managed state-of-the-art Security Operations Centre, and customer-first mindset, ITC works as an extension of its customers’ teams to accelerate their cyber maturity – safeguarding their digital ecosystem, securing their business, and their reputation. ITC serves global organisations from its locations in the UK and US with a world-class team of cyber consultants, technical designers, and cyber experts. The company is an active member of the Microsoft Intelligent Security Association (MISA). ITC is also the winner of the ‘Cyber Security Company of the Year 2022’ award, ‘Customers at the Heart of Everything 2022’ award, Best WorkplacesTM 2022, Best WorkplacesTM in Tech 2022 and Best WorkplacesTM for Wellbeing 2023.
Moving forward
What began as a service account discovery and MFA enforcement initiative evolved into a broader identity security transformation. With complete visibility, granular access-based policy control, and adaptive access enforcement in place, the organisation significantly reduced its exposure to identity-based threats—without requiring changes to legacy applications or disrupting users.
Looking ahead, and with ITC’s continued support, the organisation plans to expand coverage by integrating Microsoft Teams to support step-up MFA for privileged users during PowerShell and remote desktop protocol (RDP) access. They also intend to onboard cloud-based non-human identities into Silverfort’s protection model to ensure consistent policy enforcement across on-premises and cloud environments.
About Silverfort
Silverfort secures every dimension of identity. We deliver end-to-end identity security that is easy to deploy and won’t disrupt business operations, resulting in better security outcomes with less work. Discover every identity, analyze exposures, and enforce protection inline to stop lateral movement, ransomware, and other identity threats.
About ITC
ITC Secure (ITC) is an advisory-led cyber security services provider and a Microsoft Solutions Partner with designations in Security, Modern Work, and Infrastructure. The company has a 25+ year track record of delivering business-critical services to over 300 global blue-chip organisations, bringing together the best minds in security, a relentless focus on customer service, and advanced technological expertise to help businesses succeed. With its integrated delivery model, 24×7 fully managed state-of-the-art Security Operations Centre, and customer-first mindset, ITC works as an extension of its customers’ teams to accelerate their cyber maturity – safeguarding their digital ecosystem, securing their business, and their reputation. ITC serves global organisations from its locations in the UK and US with a world-class team of cyber consultants, technical designers, and cyber experts. The company is an active member of the Microsoft Intelligent Security Association (MISA). ITC is also the winner of the ‘Cyber Security Company of the Year 2022’ award, ‘Customers at the Heart of Everything 2022’ award, Best WorkplacesTM 2022, Best WorkplacesTM in Tech 2022 and Best WorkplacesTM for Wellbeing 2023.
THE CHALLENGE:
CUSTOMER OVERVIEW
About
This UK-based financial services organisation provides wealth, mortgage, investment, and protection advice through a nationwide network of independent advisers. With a centralised operations team and unified technology infrastructure, the organisation supports thousands of distributed users across a complex identity environment while ensuring secure access to critical business services.
Environment
The organisation operates a hybrid environment built on legacy on-prem infrastructure and multi-domain Active Directory (AD). It manages two forests, including one parent and two child domains, alongside a separate testing forest that does not have a trusted relationship with the production environment. The ecosystem includes Microsoft Entra ID, Windows servers, and Microsoft 365, with many business-critical applications relying on New Technology LAN Manager (NTLM) and Lightweight Directory Access Protocol (LDAP) authentication. Thousands of users, both internal staff and external advisers, access resources across managed and unmanaged devices.
Why now:
Responding to compliance pressure and evolving threats
With increasing reliance on legacy on-premises infrastructure and externally accessible systems, the organisation faced mounting pressure to modernise its identity security controls. The team had limited visibility into how Active Directory service accounts were being used, including what resources they were accessing, how frequently, and from which systems. They also needed to enforce access policies across older applications and non-managed adviser devices. As identity-based threats continued to expand and operational complexity increased, the organisation sought a solution that could deliver modern protection capabilities without disrupting business operations or rewriting applications.
Mitigating identity risk: How a UK-based financial services organisation secured service accounts and strengthened access controls for external advisers
PROTECTED ENVIRONMENT
Two-forest Active Directory (one parent domain, two child domains)
Windows servers, Entra ID, Microsoft 365 Legacy applications using NTLM and LDAP
PROTECTED ACCOUNTS
750 employees
6,000 external advisers
INDUSTRY
Finance
BASED
UK
