Greenfield divestiture cybersecurity architecture

A respected global pharmaceutical enterprise divested one of its lines of business, with assets and people dispersed around the world. They needed to create their own standalone IT architecture that was free of the old parent company, including servers, data, applications, and managed services. But before they could even do this, they’d need the architecture for the essential cybersecurity layer which resides on top of all of the IT infrastructure. This was a true “greenfield” environment, because nothing existed when Ensunet was brought in.

Adding to the challenge: Before the new company was even up and running, they acquired yet another global company (spun off from yet another global enterprise) in order to bolster their portfolio of offerings. This added to the security footprint.

And one more challenge: All of this needed to be accomplished during a global pandemic lockdown, which necessitated work-from-home for all parties involved.

For this project, Ensunet provided the security IAM, or “identity and access-management” architecture. This included cloud security, privileged access, and directory services.

Our deliverables included an architectural handbook with solution summaries and proposals that feed into the architectural plan operations, with high- and low-level designs, as-built documentation, and configuration solutions.

All of this was trickier than it seems. There was a high degree of education and consensus-building involved, since all parties needed to agree upon something that simply didn’t yet exist. And that was even harder when everyone—on the Ensunet side and the client side—was restricted to phone calls and Zoom meetings.

Ensunet provided the crucial senior-level security architect for this effort, who boasted years of experience with cybersecurity in general—and with publicly-traded pharmaceutical enterprises (and all of the regulatory implications they entail) in particular.

Our security architect worked with a team of three project managers, two business analysts, and a half-dozen engineers. He needed to interface with his own counterparts and the information-security people on the customer side. He was also tasked with wrangling a dozen different vendors and managed-services providers.

All of these were sourced differently. The applications and the data from the original company were never configured to securely interface with the newly-acquired one. And all of this needed to be accomplished remotely, given the covid lockdown.