Cybersecurity is the need of the hour for organizations, because cyber threats constantly create havoc and cause huge losses. The need is even greater for privileged accounts, because most advanced cyber-attacks target them. However, given their limited infrastructure and untrained staff, most organizations are not in a position to protect their privileged accounts. Many companies do not even have a cybersecurity readiness plan to secure their credentials, privileged accounts, and secrets.
CyberArk is a security tool with a strong capability to meet the cybersecurity needs of organizations. With CyberArk, organizations don’t need any extra infrastructure resources or management. Instead, the tool gives them the ability to secure their privileged accounts and credentials in a highly efficient manner.
CyberArk is predominantly a security tool for protecting privileged accounts through password management. It protects an organization's privileged accounts by maintaining their passwords automatically. Using the CyberArk tool, you can store and maintain data by rotating the credentials of all the important accounts so that you can defend against malware and hacking threats efficiently. Being a highly protective tool, CyberArk is used in industries such as energy, healthcare, financial services, and retail. The reputation of CyberArk is such that it has been used by around 50% of the Fortune 500 companies across the world.
A privileged account is one that has access to information such as social security numbers, credit card numbers, and PHI. From a broader perspective, however, the definition of a privileged account depends on the type of privileged data the organization holds. Privileged accounts in organizations include local admin accounts, privileged user accounts, domain admin accounts, emergency accounts, service accounts, and application accounts.
History of CyberArk
CyberArk is an Israeli company with its headquarters in Petah, Israel. Its US headquarters is in Newton, and it also has a presence in EMEA, Asia Pacific, and Japan. It was founded in 1999 by Udi Mokady, an alumnus of Boston University’s Metropolitan College.
Since its inception, the company has focused on helping organizations protect themselves from cyber-attacks, and it is now one of the most reputed cybersecurity companies in the world. From being a start-up, CyberArk rose to the level of a public limited company and was listed on the NASDAQ stock market.
In the last six years, it has gone on an expansion spree, acquiring companies such as Viewfinity, Conjur Inc, and Vaultive. Among these, Viewfinity and Conjur Inc are Massachusetts-based companies with interests in privilege management and application control software and in cloud services, respectively. CyberArk had revenue of $343 million as of 2018 and a headcount of 1,380 as of Q4 2019.
Industries using CyberArk
If we look at which industries use CyberArk the most, the computer software industry tops the list and human resources comes last. Here is the complete list of industries that use the CyberArk tool.
Information Technology and Services
Hospital & Health Care
As a leader in cybersecurity solutions, CyberArk provides immense benefits to organizations. Some of these benefits include the following:
Ease of tracking credentials: With the CyberArk Privileged Account Security Solution, you don’t need to keep track of passwords manually. You only need to track your CyberArk credentials; the rest is taken care of by CyberArk.
Increased time savings: Since CyberArk has automated password management capabilities, less time is spent on password management.
Lack of redundancy in updating policies: Since CyberArk allows admins to manage and update privilege policies for users centrally, there won’t be any redundancy in updating policies.
Propagation of password changes across the applications: CyberArk manages database passwords centrally and ensures that each password change is propagated across all the dependent applications and services. This eliminates the risk of broken processes and prevents the risk of revenue loss with every password change.
Apart from the above, other benefits of CyberArk include management and protection of all privileged accounts and SSH keys, controlling access to privileged accounts, initiating and monitoring privileged sessions, managing application and service credentials, enabling compliance with audit and regulatory requirements, and seamless integration with enterprise systems.
At its heart, the CyberArk Privileged Access Security solution contains multiple layers that provide a highly secure solution for storing and sharing passwords in organizations. These layers include firewall, VPN, authentication, access control, and encryption.
The architecture consists of the following major elements:
Storage Engine: The storage engine, which is also called the server or vault, holds the data. It also secures the data and ensures authenticated and controlled access.
Interface: The responsibility of the interface is to communicate with the storage engine and to provide access to users and applications. The communication between the storage engine and the interface occurs through the vault protocol, which is a secure protocol of CyberArk.
The following are the components of CyberArk:
Digital Vault: The Digital Vault is the most secure place in the network where you can store your confidential data. Since it is pre-configured, it is readily usable.
Password Vault Web Access: This is a web interface that allows the management of privileged passwords. As part of password management, you can use this component to create new privileged passwords. The interface has a dashboard that lets you view the activity in the security solution. It also displays the managed passwords in graphical form.
Central Policy Manager: This component changes the existing passwords automatically and replaces them with new passwords. It also provides verification and reconciliation of passwords on remote machines.
Privileged Session Manager: The Privileged Session Manager component provides access to privileged accounts from a central point. It also enables a control point to initiate privileged sessions.
Privileged Session Manager for Web: This component enables companies to take a cohesive approach to securing access to multiple applications, services, and cloud platforms.
Privileged Threat Analytics: The Privileged Threat Analytics component continuously monitors how the privileged accounts are used in the CyberArk Privileged Access Security (PAS) platform. It also monitors accounts not managed by CyberArk and checks for any indication of threats.
Password Upload Utility: It makes the vault implementation process faster and automatic by uploading multiple passwords to the Privileged Access Security solution.
SDK Interfaces: The SDK interfaces include the Application Password SDK, the Application Password Provider, and the Application Server Credential Provider. The Application Password SDK eliminates the need to store passwords in applications and allows them to be stored centrally in the Privileged Access Security solution. The Application Password Provider is a local server that obtains passwords once they are retrieved from the vault and provides immediate access to them. The Application Server Credential Provider interface automatically and securely manages the application server credentials that are stored inside XML files.
CyberArk can be implemented in a phased manner. The suggested phases include business and security requirements analysis, scope definition, solution launch and execution, risk mitigation plan, and companywide execution. The following gives a brief insight into these phases:
Business and security requirements analysis: In this first phase, you need to identify the specific security requirements, analyze the risks, and outline the controls. You also need to identify and prioritize the privileged accounts, identify the high-value and critical assets, and specify the controls and timelines.
Scope definition: As part of this second phase, you need to specify the scope and define who the stakeholders are and what their responsibilities are.
Solution launch and execution: In this third phase, the project kick-off meeting should be followed by architectural design, solution design, and solution implementation.
Risk mitigation plan: In this phase, a small group of accounts has to be set up as a pilot and issues have to be identified.
Companywide execution: Once the initial implementation has been completed successfully with all the key factors in place, you can expand the privileged account security program across the organization by following the same process. As part of this phase, you can also formalize the metrics for the success of