For years, financial institutions and large enterprises have worked to secure their identity and access management systems. Yet, standing access remains one of the biggest vulnerabilities, leaving organizations exposed to breaches, operational failures, and regulatory risks.
The problem is clear: when employees and systems retain ongoing access to critical environments, attackers only need one compromised identity to cause catastrophic damage. The recent MGM Resorts breach, which led to a $100 million loss in just 10 days, is a stark reminder of the impact that excessive privileges can have on an organization.
Here’s how one of the Fortune 50 companies that SGNL works with set out to solve this problem, and how we helped to make it happen.
The risk of standing access in a high-stakes business
Managing identity security at scale is no small challenge. This particular enterprise, which generates tens of billions in annual revenue, operates in a fast-moving, high-growth industry where constant availability is critical.
Despite investing in traditional identity security tools like Privileged Access Management (PAM) and Identity Governance & Administration (IGA), they struggled to eliminate excessive, long-lived AWS permissions, which meant:
- A single compromised identity could bring business operations to a halt
- Misconfigurations or human error could lead to unintended outages
- Regulatory compliance risks were harder to manage at scale
With nearly 80% of high-profile breaches linked to excessive standing access, the company’s Identity Security team needed a Zero Standing Privilege (ZSP) approach, one that removed persistent permissions without disrupting operations.
Why PAM and IGA weren’t enough
Traditional identity security models weren’t designed for the scale and speed of modern cloud environments. The company had already tried:
- Privileged Access Management (PAM) – Manually managing privileged access workflows was too slow and resource-intensive.
- Identity Governance & Administration (IGA) – It helped with policy enforcement but couldn’t dynamically adjust access in real time.
- Homegrown identity tools – Custom solutions added complexity but still didn’t eliminate standing access effectively.
Ultimately, none of these approaches provided the level of real-time, ZSP access management they needed.
The SGNL solution: achieving true zero standing privilege
The company selected SGNL to deploy a modern Privileged Identity Management (PIM) system, designed to eliminate standing access to AWS while enabling dynamic, policy-based access control.
Here’s how SGNL transformed their identity security strategy:
- Reduced 30,000 static roles to just 6 contextual policies – Cutting through role sprawl and reducing complexity.
- Achieved Zero Standing Privilege across 500 AWS accounts – Ensuring no long-lived access existed.
- Enabled dynamic access based on ServiceNow tickets – Tied access approvals directly to business-justified needs.
- Automated access revocation – Once a task was completed, permissions were removed instantly.
- Saved 100+ hours per quarter on access certifications – Freeing up security teams for higher-value work.
Immediate impact: a faster, safer security model
Within just a few weeks, the proof of concept (PoC) proved SGNL’s effectiveness. The full deployment took just six months—far faster than the typical multi-year rollout of legacy PAM and IGA solutions.
The results included:
- Drastically reduced risk of breaches and outages
- Stronger policy enforcement across systems
- Fewer manual access reviews, saving time for security teams
- A foundation for continuous access management and ITDR initiatives
A new standard for identity security
By eliminating standing access, this Fortune 50 company dramatically reduced its identity attack surface, ensuring that access is always contextual, dynamic, and fully auditable.
SGNL’s Zero Standing Privilege model is now a core part of their identity security strategy, with plans to expand into broader privileged session revocation, continuous access enforcement, and identity threat detection & response (ITDR).
Identity security is evolving—has your organization caught up?
If your enterprise is still relying on legacy PAM and IGA to manage privileged access, it’s time to rethink your approach.
Check out the full case study to see how SGNL helped eliminate standing access at scale.