Securing Active Directory and Service Accounts at Lineas

This case study details the efforts of Lineas, the largest private rail freight operator in Europe, to enhance its Active Directory (AD) security and manage service account risks. The document outlines the challenges faced by Lineas, including limited multi-factor authentication (MFA) options and a lack of visibility into service account activities, which increased their vulnerability to ransomware attacks. The case study describes the implementation of Silverfort’s identity security solution, which involved enforcing MFA for privileged access and cleaning up excessive access paths. Following a proof of concept (POC), Lineas successfully deployed Silverfort across its hybrid environment, focusing on risk-based policies for remote desktop protocol (RDP) connections. The initiative led to the identification of over 60% of inactive service accounts, prompting a comprehensive cleanup and improved operational hygiene. The case study emphasizes the importance of ownership and accountability in managing service accounts and highlights the ongoing efforts to refine AD protections and enhance identity access management.