Set, manage and monitor privileged account security

CyberArk announced Master Policy, a new “policy engine’ that enables customers to set, manage and monitor privileged account security in a single interface. The once complex process of transforming business policy and procedures into technical settings is now easily manageable and understandable to an organization’s stakeholders, including security operations, risk officers and auditors.

The release is available in version 8.0 of CyberArk’s privileged account security solution released today and will ship with all new installations of CyberArk’s PIM and PSM suites.

Privileged accounts have been identified as the primary target in internal and advanced external attacks, and have been implicated in 100 percent of breaches. As the risk of advanced threats increases, compliance regulations like PCI DSS, Sarbanes Oxley, NIST, NERC-CIP, HIPAA and others have become stricter. Master Policy enables organizations to set policy first to better meet their security and compliance needs.

Key benefits of Master Policy include:

• A simplified process for creating and managing privileged account security policy, that can now be set up in minutes rather than days or weeks
• Improved security posture of the organization by approaching privileged account security with policy first
• Meets business demands by quickly and accurately translating written policy into privileged account security controls
• Enables organizations to meet and demonstrate compliance regulations like PCI DSS, Sarbanes Oxley, NIST, NERC-CIP and more
• Allows enterprise global policy to be set while providing controlled, granular level exceptions to meet the unique operational needs of the business
• Decreases resource strain by empowering security risk and audit teams to enforce policy in their native language.

“Policy is the foundation of a sound security infrastructure. It has been difficult to enforce written policy throughout the enterprise, as it is time-consuming and difficult to translate that written policy to technical settings for operational departments,” said Sally Hudson, Research Director, IDC. “With today’s advanced threat landscape, the enterprise can no longer afford to overlook the importance of accurate policy settings and enforcement. Simplifying this process gives control back to the security, risk and audit teams and allows them to use their expertise to mitigate the risks posed by insider and outsider threats and comply with strict regulations.”