One of the Fortune 50 companies we work with faced persistent identity security risks due to excessive AWS permissions—see how SGNL helped them eliminate standing access and strengthen their security posture.
For years, financial institutions and large enterprises have worked to secure their identity and access management systems. Yet, standing access remains one of the biggest vulnerabilities, leaving organizations exposed to breaches, operational failures, and regulatory risks.
The problem is clear: when employees and systems retain ongoing access to critical environments, attackers only need one compromised identity to cause catastrophic damage. The recent MGM Resorts breach, which led to a $100 million loss in just 10 days, is a stark reminder of the impact that excessive privileges can have on an organization.
Here’s how one of the Fortune 50 companies that SGNL works with set out to solve this problem, and how we helped to make it happen.
Managing identity security at scale is no small challenge. This particular enterprise, which generates tens of billions in annual revenue, operates in a fast-moving, high-growth industry where constant availability is critical.
Despite investing in traditional identity security tools like Privileged Access Management (PAM) and Identity Governance & Administration (IGA), they struggled to eliminate excessive, long-lived AWS permissions, which meant:
With nearly 80% of high-profile breaches linked to excessive standing access, the company’s Identity Security team needed a Zero Standing Privilege (ZSP) approach, one that removed persistent permissions without disrupting operations.
Traditional identity security models weren’t designed for the scale and speed of modern cloud environments. The company had already tried:
Ultimately, none of these approaches provided the level of real-time, ZSP access management they needed.
The company selected SGNL to deploy a modern Privileged Identity Management (PIM) system, designed to eliminate standing access to AWS while enabling dynamic, policy-based access control.
Here’s how SGNL transformed their identity security strategy:
Within just a few weeks, the proof of concept (PoC) proved SGNL’s effectiveness. The full deployment took just six months—far faster than the typical multi-year rollout of legacy PAM and IGA solutions.
The results included:
By eliminating standing access, this Fortune 50 company dramatically reduced its identity attack surface, ensuring that access is always contextual, dynamic, and fully auditable.
SGNL’s Zero Standing Privilege model is now a core part of their identity security strategy, with plans to expand into broader privileged session revocation, continuous access enforcement, and identity threat detection & response (ITDR).
Identity security is evolving—has your organization caught up?
If your enterprise is still relying on legacy PAM and IGA to manage privileged access, it’s time to rethink your approach.
Check out the full case study to see how SGNL helped eliminate standing access at scale.
Want more of the latest identity-first security topics and trends delivered to your inbox? Helpful and insightful content, no fluff.