University of the Pacific is a private university in California with campuses in Stockton, Sacramento, and San Francisco. Founded in 1851, it holds the distinction of being California’s first chartered university and today serves a diverse academic community of students, faculty, and administrative staff. With a strong focus on interdisciplinary learning, professional programs, and community engagement, the university supports a complex and growing IT environment that combines multiple domains and user types.

The university’s hybrid environment spanned four separate domains and included thousands of users, as well as hundreds of applications and AD service accounts, many of which seemed to be either inactive, misconfigured or completely undocumented.

The security team had limited visibility into how both privileged users and service accounts were behaving: which resources they were authenticating to and from, or whether they were even still in use. Outdated authentication protocols, were still widespread across the environment, introducing exposure risks that were difficult to detect and secure.

“Our own privileged accounts had gradually accumulated access over time, and I was looking at my own account and the level of access it had. There was no centralized control, no visibility, and no easy way to enforce MFA or an access policy across the board,” added Kerns.

Like many long-established institutions, University of the Pacific operated within a legacy Active Directory (AD) environment that had grown increasingly complex over time. Years of technical debt, limited visibility, and overlapping permissions created a security blind spot in their identity infrastructure.

The University of the Pacific team recognized the need for an identity security platform – one that could not only strengthen security controls but also help them rethink how to manage access across a legacy infrastructure. As an existing CrowdStrike customer, the team considered expanding into its Identity Protection capabilities to cover AD risks and privileged access gaps.

When it came to selecting an identity security partner, University of the Pacific found that Silverfort stood out not just for technical capabilities, but for the speed and simplicity of rollout.

“One of my indicators of success is how quickly a demo or POC gets off the ground. Once we began mapping our environment to the Silverfort platform, we had it up and running in just two hours. By the next day, we were already seeing value: experimenting with policies, generating reports, and uncovering unknown issues almost immediately. That kind of instant feedback gave us real confidence that Silverfort was the right fit,” declared Shawn Kerns.

Following a fast and insightful POC, University of the Pacific moved ahead with Silverfort to extend security across its hybrid identity environment. The security team began by focusing on real-time insights into how accounts – especially highly privileged users and service accounts – were interacting with their domain controllers.

The University of the Pacific focused on monitoring service account behavior using Silverfort’s report-only mode. Within days, the team surfaced over 1,200 service accounts. With this clarity, they began building conditional access policies using Silverfort’s Smart Policy capability, gradually restricting risky behavior while maintaining operational continuity.

“We had three accounts generating hundreds of thousands of events a day. I had a sense of what was going on, but Silverfort gave me the data to back it up and helped me show the technology teams what needed to be fixed,” said Kerns.

With policy enforcement underway for service accounts, the team then shifted focus to protocol hardening and privileged access enforcement. They worked on long-standing gaps with legacy protocols by setting rule-based policies to detect usage, monitor system-level activity, and sending alerts on outdated authentication attempts without disrupting services.

Simultaneously, they began rolling out adaptive MFA protection policies for privileged users, ensuring high-risk operations like domain elevation or PowerShell access were gated by step-up authentication.

“We have tried to solve MFA at the desktop level for years, and now we have that capability. I can sleep easier at night knowing that if someone’s knocking, I’ll get the Silverfort prompt,” said Kerns.

By deploying Silverfort’s Identity Security Platform, University of the Pacific gained end-to-end visibility into its most critical identity layers – including highly privileged users, service accounts, and legacy authentication protocols. The security team now has the tools to continuously monitor identity behavior, apply risk-based security controls, and proactively reduce exposures across their hybrid environment.