Cyber-Ark: Management of Privileged Passwords

Most identity management systems focus on handling "normal" users. Many servers, network routers, databases, and workstations have special privileged accounts. A high percentage of security breaches come from inside staff misusing such privileged accounts. These are handled badly by identity management systems, because they are general-purpose accounts that will be used by many people. Role-based approaches work for some situations, but do not generally have sufficient audit capabilities.

Cyber-Ark's solution authenticates individual users, and then provides them with access information for the system requested, subject to authorization. It also changes the passwords on the systems being accessed. This allows a number of access options, including time-limited, one-time access. Access to accounts is audited, with clear reporting provided.

This solution solves an important, specialized problem. Cyber-Ark has an impressive list of customers, including the Bank of England as a reference customer.

... Steve Kille

Post a comment

You must be logged in to post a comment. To comment, first join our community.