Privileged Identity Management Suite against insider threats and data theft
Cyber-Ark announced availability of its Privileged Identity Management Suite v5.0. The Suite is a solution for securing, managing and monitoring all activities associated with powerful privileged accounts, including both administrative and application identities. It is comprised of enhanced Enterprise Password Vault, Application Identity Manager products, and features the new Privileged Session Manager that provides sensitive session monitoring and recording, secure remote access, and privileged single sign-on capabilities.
The Suite features a single, central infrastructure and provides administrators with fine-grained access control and advanced web-based reporting capabilities to address audit and compliance questions. With new session recording capabilities and multiple password inventory reports, administrators can answer not only “who” accessed sensitive information, but also “what” was done with that information once it was accessed.
To address those challenges, the new Privileged Session Manager offers a robust set of capabilities, such as:
- Recording and monitoring privileged session activities: Privileged Session Manager enables organizations to control and monitor privileged access to sensitive systems and devices, and provides privileged session recording with DVR-like playback. Recordings are stored and protected in the Digital Vault Server and are accessible to entitled auditors
- Secure remote access: Privileged Session Manager allows browser-based access to managed devices. This functionality is critical, especially as privileged access is often required by external third party vendors who may need to conduct trouble shooting or device maintenance on a secure network. These users require extra care that is made possible through secure remote access and secure session initiation, without exposing credentials
- Privileged single sign-on: A single login to the Privileged Identity Management portal with optional 2-factor authentication allows connections to managed devices without knowing the connection passwords. This enables customers to enforce 2-factor authentication for sensitive device access without the need to deploy a complex single sign-on solution.
Core to the suite is Cyber-Ark’s patented Digital Vault technology that provides the underlying security capabilities for authentication, encryption, tamper-proof audit and data protection. The Suite easily integrates with existing enterprise systems and can protect and manage hundreds of thousands of passwords across highly heterogeneous environments. The simple, easy-to-deploy web-based interface supports rapid user adoption and presents a consistent, consolidated view of privileged accounts and sessions. Additional features and functionality include:
- New out-of-the-box SAP plug-in: The new plug-in for SAP Application Server supports automatic management including change, verification and reconciliation of select SAP accounts. As awareness of the power of privileged users moves up the stack to the application layer, Cyber-Ark can now protect access to key business suites the way it does for other assets like servers, routers and databases
- Hardware security modules (HSM) support: The Privileged Identity Management Suite integrates with HSM tools and provides a new means for protecting their encryption keys within a secure device. With this integration, instead of having to store keys on a CD, organizations can now store keys as non-exportable
- Enterprise integration – Security information and event management (SIEM): The Privileged Identity Management Suite easily integrates with SIEM tools to create a complete audit picture of privileged account activities. Anything that happens in the Digital Vault can be sent as audit logs to the SIEM tool.