The Challenge
A prominent WA government department needed to strengthen its security posture and advance towards Essential 8 maturity level 3. A key gap was multi-factor authentication (MFA) for legacy systems that did not support modern authentication methods.
Remote Desktop Protocol (RDP) access was of particular concern. The department needed a solution that could enforce MFA for privileged access without disrupting operations. They also wanted to close security gaps that traditional firewalls and network segmentation alone could not fully address.
Our Solution
Zetta introduced the department to Silverfort, an identity security platform. Following a technical assessment, Silverfort ran a proof of concept (POC), demonstrating the platform’s ability to extend MFA to legacy applications and services.
The timing was ideal, as the department was already implementing a project to improve security through network segmentation of backend servers, admin jump hosts, and end-user devices. Silverfort complemented this effort by:
-
Enforcing MFA for server access, including legacy systems.
-
Restricting backend server access to authorised jump hosts only.
-
Filling security gaps left by firewalls and VLAN segmentation.
-
Delivering easy-to-manage, policy-based controls with full visibility.
After a successful POC, the department chose to expand Silverfort into production. Zetta deployed additional infrastructure for high availability, rolled out production policies, and fine-tuned configurations. To minimise risk, policies were initially deployed in audit mode, allowing the team to monitor impacts before full enforcement.
The Outcome
The project delivered a fully configured Silverfort environment tailored to the department’s requirements. Zetta provided detailed design documentation and a guide to help the internal IT team manage and extend policies in the future.
Key outcomes included:
-
Improved Security Posture – MFA was enforced across legacy systems and RDP sessions, significantly reducing risks.
-
Essential 8 Compliance – The department advanced its Essential 8 maturity, closing audit gaps and improving cyber resilience.
-
Operational Visibility – Silverfort provided detailed reporting and metrics on service account activity, which the department lacked before.
-
Future Flexibility – With policy templates and clear documentation, the IT team is equipped to adapt security controls as needs evolve.
Conclusion
Through the successful deployment of Silverfort MFA, the WA government department achieved a significant uplift in security maturity. What began as a challenge around legacy system protection became an opportunity to strengthen overall cyber resilience. With Zetta’s guidance and Silverfort’s advanced capabilities, the department not only met its immediate requirements but also established a scalable foundation for future security improvements.
