Post on 19-Nov-2015
description
Privileged Identity ManagementEnterprise Password Vault
*
Privileged Password Management AgendaPrivileged Users 101What are privileged UsersThe ChallengeCommon Practices and the Risks InvolvedDrivers: Regulations and Internal BreachesBusiness and Technical Requirements Cyber-Ark Enterprise Password Vault TechnologyArchitectureBenefitsDemonstrationQ&A
Identity Management Individual Users Component - Directories
Person 1
LDAP/Identity ManagementPartnersThe Password Vault and can be integrated with any LDAP or Identity management solution, Cyber-Ark has strategic partnerships with the companies below. Together an organization will be able to manage both users and shared privileged accounts
PIM - White Space for Major IAM Players
*
What Are Privileged Accounts?Administrative AccountsApplicationAccountsPersonalComputerAccounts
Shared:Help DeskFire-callOperationsEmergencyLegacy applicationsDeveloper accounts
*
Common practices:Storage: Excel spreadsheets, physical safes, sticky notes, locked drawers, memorizing, hard coded in applications and servicesResets: Handled by a designated IT members, call centers, mostly manualKnown to: IT staff, network operations, help desk, desktop support, developersCommon problems:Widely known, no accountabilityUnchanged passwordsLost passwordsSame password across multiple systemsSimplistic passwords easy to remember Passwords not available when needed
Privileged Accounts Today
*
Key Business DriversRegulatory Compliance (Sarbanes Oxley, PCI, BS7799 etc.)Auditing and ReportingControlSegregation of DutiesProactive Improvement of Information Security PracticesLost and Risk preventionReturn on InvestmentAdministrative Password ManagementInternal BreachReturn On InvestmentEfficiency and Productivity
Mission StatementCyber-Ark Software is an Information Security company that develops and markets digital vaults for securing and managing highly-sensitive information within and across global enterprise networks.
FirewallSession EncryptionAuthenticationAccess ControlManual & Geographical SecurityAuditing (Visual Security)Vault Safes (Local Drive or SAN)Cyber-Ark Vault ServerFile Encryption
Password Vault ArchitectureDisaster Recovery SiteDesktopsMain FrameWindows ServersUnix ServersPassword VaultCentral Password ManagerDirectory ServerNetworking Devices
Application PasswordsScriptsShell, Perl, Bat, SqlplusApplicationsCustom developed C/C++, COM, Java, .NET codeApplication Servers (WebSphere, WebLogic)ProductsIT ManagementETL tools (Informatica, etc)
Hard-Coded Password Embedded in Code..UserName = appPassword = asdfHost = 10.10.3.56ConnectDatabase(Host, UserName, Password).Work with database.source1.vbs..UserName = appPassword = PVToolKit(Vault.ini,User.ini,Safe,Root\Password)Host = 10.10.3.56ConnectDatabase(Host, UserName, Password).Work with database.source1-new.vbs
*
Exceptionally secure solution for the keys of the kingdom
Supreme performance, availability and disaster recovery due to its mission-critical nature
Flexible distributed architecture to fit the enterprise complex network topology
Single standard solution for a multi-facet problem
Intuitive and robust interfacesRequirements for Privileged Accounts Management Solution
*
Thank You
David AdamczykChannel Sales ManagerCyber-Ark Softwaredavid.adamczyk@cyber-ark.com
*
*
*
*
*
*