Privileged Identity ManagementEnterprise Password Vault

*

Privileged Password Management AgendaPrivileged Users 101What are privileged UsersThe ChallengeCommon Practices and the Risks InvolvedDrivers: Regulations and Internal BreachesBusiness and Technical Requirements Cyber-Ark Enterprise Password Vault TechnologyArchitectureBenefitsDemonstrationQ&A

Identity Management Individual Users Component - Directories

Person 1

LDAP/Identity ManagementPartnersThe Password Vault and can be integrated with any LDAP or Identity management solution, Cyber-Ark has strategic partnerships with the companies below. Together an organization will be able to manage both users and shared privileged accounts

PIM - White Space for Major IAM Players

*

What Are Privileged Accounts?Administrative AccountsApplicationAccountsPersonalComputerAccounts

Shared:Help DeskFire-callOperationsEmergencyLegacy applicationsDeveloper accounts

*

Common practices:Storage: Excel spreadsheets, physical safes, sticky notes, locked drawers, memorizing, hard coded in applications and servicesResets: Handled by a designated IT members, call centers, mostly manualKnown to: IT staff, network operations, help desk, desktop support, developersCommon problems:Widely known, no accountabilityUnchanged passwordsLost passwordsSame password across multiple systemsSimplistic passwords easy to remember Passwords not available when needed

Privileged Accounts Today

*

Key Business DriversRegulatory Compliance (Sarbanes Oxley, PCI, BS7799 etc.)Auditing and ReportingControlSegregation of DutiesProactive Improvement of Information Security PracticesLost and Risk preventionReturn on InvestmentAdministrative Password ManagementInternal BreachReturn On InvestmentEfficiency and Productivity

Mission StatementCyber-Ark Software is an Information Security company that develops and markets digital vaults for securing and managing highly-sensitive information within and across global enterprise networks.

FirewallSession EncryptionAuthenticationAccess ControlManual & Geographical SecurityAuditing (Visual Security)Vault Safes (Local Drive or SAN)Cyber-Ark Vault ServerFile Encryption

Password Vault ArchitectureDisaster Recovery SiteDesktopsMain FrameWindows ServersUnix ServersPassword VaultCentral Password ManagerDirectory ServerNetworking Devices

Application PasswordsScriptsShell, Perl, Bat, SqlplusApplicationsCustom developed C/C++, COM, Java, .NET codeApplication Servers (WebSphere, WebLogic)ProductsIT ManagementETL tools (Informatica, etc)

Hard-Coded Password Embedded in Code..UserName = appPassword = asdfHost = 10.10.3.56ConnectDatabase(Host, UserName, Password).Work with database.source1.vbs..UserName = appPassword = PVToolKit(Vault.ini,User.ini,Safe,Root\Password)Host = 10.10.3.56ConnectDatabase(Host, UserName, Password).Work with database.source1-new.vbs

*

Exceptionally secure solution for the keys of the kingdom

Supreme performance, availability and disaster recovery due to its mission-critical nature

Flexible distributed architecture to fit the enterprise complex network topology

Single standard solution for a multi-facet problem

Intuitive and robust interfacesRequirements for Privileged Accounts Management Solution

*

Thank You

David AdamczykChannel Sales ManagerCyber-Ark Softwaredavid.adamczyk@cyber-ark.com

*

*

*

*

*

*