“The company has gradually expanded from its initial start as an enterprise vault for file and sensitive content sharing to assume a commanding position in privileged identity management (PIM), encompassing privileged user single sign-on, session monitoring and password management.”

- Steve Coplan,
Impact Report
The 451 Group

Privileged Identity Management Suite

Products

User Interface

Click to enlarge

Click to enlarge

Managing privileged identities and accounts with Cyber-Ark
Learn More

Learn about the solutions our products provide:

Technology Spotlight

Our patented Digital Vault provides premier security.
Learn More

Who has the "Keys to the Kingdom”? Mismanagement of privileged identities puts your company at risk.

Privileged accounts and passwords are extremely powerful, allowing a privileged user to log on anonymously and have complete control of the target system with full access to all of the information on that system. This vulnerability could potentially cause tremendous financial losses and reputational damage for businesses. For enterprises, this potential insider threat is especially difficult to manage:

  • The average enterprise has thousands of privileged identities, accounts, and passwords. Manually managing and updating these are a time-consuming, costly and repetitive process.
  • Administrative and application accounts are found on virtually every piece of hardware, software, and application within an organization, including virtual environments.
  • Administrative or application accounts are shared, which means that the system does not track WHO logged in as an Administrator, merely that a login occurred—a significant audit challenge.
  • Unlike a personal identity, such as JDoe, administrative or application accounts are nearly impossible to disable.
  • Administrative and application accounts are subject to regulations such as Sarbanes Oxley, PCI, and Basel II, requiring that companies prove exactly who logs in to sensitive systems and, increasingly, what they are doing.

Results from a survey conducted by Cyber-Ark revealed some important statistics about privileged passwords and the risks they present to companies.

Expand survey

Where does the password exist? Examples How many exist?* What's the security Risk?* Solutions
Personal Workstation Login: Administrator 5000 or more
40% of Enterprises have more than 5000 workers		 High
21% of admin passwords on workstations are never updated		 Manual
Privileged Password Solutions
Servers UNIX (Root), LINUX (Root) 5000 or more
44% of enterprises have more than 500 servers, each with 1-5 administrative passwords		 High
13% of admin passwords on servers are never updated		 Manual
Privileged Password Solutions
Routers Cisco (Enable) 100 or more
41% of enterprises have more than 500 servers, each with 1-5 administrative passwords		 High
13% of admin passwords on routers are never updated		 Manual
Privileged Password Solutions
Databases Oracle (System, Sys), Microsoft SQL Server (SA) Hundreds
66% of enterprises report having more than 100 unique applications, including databases		 High
42% of admin passwords on software and databases are never updated		 Manual
Privileged Password Solutions
Scripts connecting software applications Sales tracking application to master database Thousands
Enterprises report having more than 100 apps, with 92% linked to at least one other app. Each unique link creates a unique password incident.		 High
42% of admin passwords on software and databases are never updated		 Manual
Privileged Password Solutions

*Based on Cyber-Ark Enterprise Password Survey 2006



What is the PIM Suite?


    Part of the Privileged Identity Management infrastructure, a single web-based access point for managing, defining, monitoring and auditing shared and application accounts.

    Secure, manage, automatically change and log all activities associated with privileged and shared accounts.
    Read More...

    Eliminate hard-coded, embedded credentials and encryption keys within scripts and applications, and fully address their challenges with central management, secure storage and detailed audit.
    Read More...

    Protect your sensitive systems with privileged single sign on without exposing credentials, especially to 3rd parties and gain full visibility to privileged session activity using DVR-like recording and playback.
    Read More...

    Control and monitor superusers with granular access control and output recording. Replace stand-alone “sudo-like” solutions with an enterprise class, unified PIM platform
    Read More...

    Part of the Privileged Identity Management infrastructure, a revolutionary engine for privileged account management that automatically manages and enforces enterprise policies on local or remote networks across the enterprise with no human intervention.

    Part of the Privileged Identity Management infrastructure, our award-winning patented Digital Vault technology protects the keys to the kingdom and policy information, stores session recordings and secures information needed for audits in tamper-proof storage with multiple layers of security.

    The Privileged Identity Management Suite seamlessly integrates with a wide range of target IT systems, managing hundreds of thousands of servers, databases, devices and more.

    An enterprise-ready solution that seamlessly integrates with existing and future IT infrastructure.

    One integrated solution for all user types.


(Hover your mouse over the diagram for more information)

Cyber-Ark's Privileged Identity Management (PIM) Suite is an enterprise-class, unified policy-based solution that secures, manages and monitors all privileged accounts and activities associated with datacenter management whether on-premise or in the cloud:

  • Control access to privileged accounts
  • Monitor and record privileged sessions
  • Manage application and service credentials
  • Grant granular control to the commands superusers can run
  • Comply with audit and regulatory requirements
  • Streamline policy management of privileged accounts
  • Seamlessly integrate with enterprise systems

The PIM Suite allows organizations to manage, monitor and audit their most privileged identities, avert insider threats, and prevent the loss of sensitive information.

Expand PIM overview

Privileged accounts include the Root account on UNIX/Linux; Administrator in Windows; Cisco Enable; Oracle systems/sys; MSSQL SA; SAP Application Server; and many more such as Emergency or 'Firecall' IDs. Ironically, these identities are often neglected, their session activities are difficult to monitor, and passwords are never changed. In some cases, these identities are required not only by the internal IT personnel, but also by external 3rd party vendors and, thus, require extra care, such as secure remote access and secure session initiation without exposing the credentials.

The PIM Suite enables the 6 essential steps of privileged identity management:

  • Identify and Discover privileged policies and accounts
  • Centralize and Secure privileged identities and accounts
  • Apply Policy to these privileged identities based on the requester / role
  • Personalize access to these privileged identities
  • Automatically Reset access to these privileged identities
  • Log and Record all activities associated with these privileged identities

The PIM Suite: features and components

The PIM Suite offers a robust set of system features and capabilities for consistent policy definition and enforcement, automated privileged password management, and centralized reporting for compliance audits. The PIM Suite comprises three well integrated core products which can also be purchased separately as needed:

Because they share a common server platform, an initial deployment of any individual solution can quickly and easily be expanded to address any additional audit or security challenges that may arise in the future.

With Cyber-Ark's Privileged Identity Management suite you can:

  • Approach Compliance with Confidence:  Superior security that protects the 'keys to your kingdom' with a proven ability to meet regulatory requirements
  • Eliminate Insider Threats:  Out of the box best practices for defining and enforcing a unified policy for privileged identity management across your data center whether on-premise or in the cloud
  • Do Business Better:  Improve workforce productivity with a single access point for handling privileged credentials

Expand PIM features

Key features of the PIM Suite:

  • Security and Audit Compliance: centralized system for the highly secure management and delivery of audit reports in order to meet compliance with regulations such as SOX, PCI, NERC/FERC and Basel II
  • Shared and Administrative Password Account Management: superb automation and management policy for heterogeneous IT environments, extensive device-management architecture, self-recovery solutions, automatic provisioning, reconciliation and a customizable workflow
  • Application Identity Management: multi-platform, easy-to-use, high-performance solution for eliminating passwords embedded in applications, scripts and configuration files. Additional highly secure offline caching for application performance, resiliency and HA
  • Privileged Session Management: DVR style playback of recorded privileged sessions, supporting multiplex recording servers and with highly secure remote HTTP-S based access for enterprise environments
  • Enterprise Readiness: fully comprehensive integration with enterprise infrastructure, full software deployment kit and intelligent distributed architecture with central management that is ideal for multi-site, multi-network environments

How can we protect your systems, information and reputation?

Created by PixelMEDIA, Inc.