Deploying Silverfort to Enforce MFA and Protect Service Accounts
At C-STEM, we partner with higher education institutions to address today’s complex identity security challenges. Our recent project with Trinity College Cambridge demonstrates how deploying Silverfort, a leading platform for unified identity protection, can deliver robust security without operational disruption.
The Challenge: On-Prem MFA and Service Account Visibility
Trinity College, one of 31 constituent colleges of the University of Cambridge, identified several security challenges in their identity security strategy. While cloud-based applications were well-protected, their on-prem infrastructure lacked MFA enforcement, leaving privileged accounts vulnerable. Service accounts, a critical part of their IT operations, also had limited oversight, increasing the risk of misuse or compromise.
The IT team sought to:
- Enforce MFA on privileged accounts in on-prem infrastructure
- Gain visibility and control over service account behaviours
- Implement security measures without disrupting existing IT operations
The Solution: C-STEM and Silverfort
As a trusted supplier to the Oxford and Cambridge University Colleges, C-STEM conducted a comprehensive review of Identity & Access Management (IAM) solutions tailored to the specific security and infrastructure needs of academic environments. Following peer feedback from a Cambridge College and a strategic assessment, we identified Silverfort as the optimal choice, particularly for its ability to deliver agentless MFA and visibility into service accounts.
Our collaboration with Trinity College, an early adopter of Silverfort, marked the beginning of a successful partnership. Working closely with their IT and security teams, we initiated a proof-of-concept on a single domain controller to validate the platform’s seamless integration with Active Directory and real-time authentication analytics.
Following the POC, Trinity College advanced to full deployment, achieving:
- MFA enforcement for legacy tools like RDP, PowerShell, and PsExec
- Adaptive authentication based on real-time risk signals
- Granular control of service accounts, including dormant account detection and lateral movement prevention
Silverfort’s efficient, non-disruptive rollout helped strengthen Trinity’s identity security posture while reinforcing C-STEM’s role as a trusted security partner across the Oxbridge community.
The Results: Stronger Protection, Immediate Value
Head of IT Duncan Malthouse-Hobbs praised the deployment:
‘Silverfort has provided us with a strong solution that was easy to deploy and delivered immediate identity security benefits. Its ability to protect legacy applications with MFA has made it an invaluable tool in our cybersecurity strategy.’
Infrastructure Engineer Bryan Carpenter added:
‘Rolling out Silverfort was incredibly straightforward. We quickly saw value in its ability to enforce MFA on legacy systems without requiring additional software.’
Through this collaboration, C-STEM and Silverfort have delivered a scalable identity security foundation for Trinity College, enhancing protection of privileged and service accounts without disrupting operations.
Want to know how Silverfort and C-STEM can protect your organisation?
Schedule a quick chat with one of our team members to find out more.