Case Study: Bupa achieves centralized privileged access control and reduced risk with CyberArk Privileged Access Management

Bupa Deploys PAM To Gain Visibility And Control Across User Accounts

Bupa, a major health and care group serving over 6 million customers in Australia and New Zealand with 22,000 employees, faced a growing risk from widespread privileged credentials across administrative and standard accounts. Entrusted with vast amounts of sensitive personal, financial and medical data, the organisation needed stronger governance, role-based access and least-privilege controls to reduce entitlements and protect its “crown jewel” applications.

Bupa implemented CyberArk Core Privileged Access Security and CyberArk Discovery and Audit, centralising credential management, applying role-based least-privilege policies, and running onboarding workshops and regular account discovery scans. The rollout delivered unified visibility and precise access allocation across on-prem, cloud and hybrid environments, removed many thousands of privileged accounts, improved reporting and compliance, and materially increased operational efficiency and control.

Bupa

Michael Freeman

Security Manager for Identity and Access