Tag: CyberArk

Privileged Account Management Is Critical in the Cloud

Cloud Security
The move to the cloud began in earnest in 2007, as organizations looked for ways to cut capital expenses during the Great Recession. Fast-forward a decade, and the cloud is more popular than ever. According to a recent survey by LogicMonitor, 68 percent of workloads are running in public, private, or hybrid clouds, and that number will increase to...

Application Greylisting Provides Greater Security and Flexibility

Application Greylisting
Misplaced trust is a dangerous thing when it comes to cybersecurity. Attackers routinely take advantage of systems that automatically permit certain types of activity. Therein lies the problem with application whitelisting, which is the practice of designating specific applications that users are allowed to run on their systems. It’s the opposite of blacklisting, which blocks applications that are known...

Clango Innovation Labs: Maximizing the Value of CyberArk

CIL
Given the large and growing volume of privileged account credentials in the typical IT environment, most organizations recognize the need for automated privileged account management (PAM) solutions. PAM platforms provide one central location for storing, protecting, and managing privileged credentials so only authorized users can access them for legitimate business or IT reasons. However, PAM solutions have a reputation...

How to Minimize the Risk of Local Admin Rights and Privileged Account Attacks

EPM
In our last post, we discussed the risks of granting administrator rights to end users at the workstation level. Local admin rights enable users — or hackers — to do whatever they want with a machine. An attacker who is able to obtain local admin credentials can launch a “pass-the-hash” attack, leveraging well-known Windows vulnerabilities to obtain higher-level privileged...

Privileged Account Risk Begins at the Workstation Level

Local Admin Risk
At Clango, our CyberArk consultants and engineers are often asked, “What constitutes a privileged account?” Many people who ask that question are surprised by the answer. There’s a common misconception that privileged accounts are only those that enable the highest levels of administrator access — for example, domain controller credentials in a Microsoft environment. However, any admin rights, even...

Fill Skills Gaps by Partnering with CyberArk Experts

CyberArk Engineers
Demand for IT professionals continues to increase, causing the “skills gap” to grow wider than ever. According to the Bureau of Labor Statistics (BLS), by 2020, there will be one million more IT jobs available than qualified applicants to fill them. In a 2017 study by industry association CompTIA, 46 percent of executives said that skills shortcomings had gotten...

How to Facilitate the IT Audit Process with CyberArk

IT Audits
Many IT teams dread the arrival of auditors. Perhaps they lack a basic understanding of the IT audit process, and don’t know what the auditors are looking for. However, IT teams should recognize the importance of having a third party evaluate the organization’s overall security and compliance position, and facilitate the process through the use of tools such as...

What Is Privileged Session Management and Why Is It Important?

PSM
The critical first step in privileged account management (PAM) is to identify, consolidate, and lock down privileged credentials so only authorized users have access to them. However, this is only the first step. To be effective, PAM should include privileged session management as well as credential protection. Privileged session management is a security control involving the monitoring and recording...

How to Tap the Valuable Data in CyberArk’s Enterprise Password Vault

Clango Password Vault
A key feature of CyberArk’s Core Privileged Access solution is the Enterprise Password Vault. This vault reduces the risk that privileged account credentials will be compromised by providing a centralized location for managing user entitlements and passwords. It is designed to protect privileged identities throughout the IT environment, including DevOps, DevTest, on-premises, and cloud-based systems. It also provides privileged...

Automation Helps Meet Regulatory Requirements for Privileged Accounts

Automation
Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...