During this year’s RSA conference (visit us at booth #N6253!), CyberArk announced the release of version 10.8 of the CyberArk Privileged Access Security Solution. Version 10.8 focuses on expanding and improving CyberArk’s ability to continuously discover and protect cloud environments as well as augmenting Just-in-Time capabilities for an easy-to-use privileged access control. We’ve included a demo of Version 10.8’s capabilities at the bottom of the page.
Cloud computing, storage and applications have all become integral to modern organizations and the cloud footprint amongst the world’s organizations continues to grow. One of the main tenets of the cloud is speed; speed of deployment, scaling and integration. However, the increased speed at which cloud computing and storage allows organizations to spin up new virtual machines, instances and storage buckets can lead to headaches for both SOC and IT administrators. As cloud computing and storage has become an increasingly popular way conducting business, a staggering 50% of organizations do not have a privileged access management plan to secure cloud instances.
The newest CyberArk release provides a robust strategy for securing privileged access throughout AWS environments. It enables organizations to detect, alert and respond to potential attacks or misuse in AWS environments relating to Identity and Access Management (IAM) accounts and EC2 instances. To further the integration of these new capabilities, CyberArk customers can now deploy threat detection, alerting and response capabilities as an AMI or CloudFormation template.
It’s no small feat to secure these accounts and instances. A recent CloudInsight Essentials study showed that, among the 31,000 EC2 instances studied, there were 150,000 misconfigurations detected, 30,000 of which were linked to IAM accounts. These IAM accounts provide privileged users sweeping access to create, edit and update AWS Simple Storage Service (S3) buckets. S3 buckets are a public cloud storage resource similar to file folders that can store objects containing descriptive metadata and sensitive information.
With the CyberArk Privileged Access Security Solution, organizations can now continuously discover unmanaged privileged AWS accounts and instances and automatically add these accounts to a list of pending approvals to prevent further misuse. CyberArk customers are also able to initiate automatic Access Key rotation and re-creation if unauthorized or unmanaged access is detected. They can also send alerts to SOC and IT administrators based on detected misuse so that they can take a risk-based approach to their cloud inventories.
Just-in-Time solutions are simple to use and that can make life easier. However, it’s important not to lose sight of the rest of the necessary security precautions. Drawbacks to not fully managing and rotating privileged credentials associated with critical servers, databases and cloud-instances include having minimal visibility into activities taking place on those targets and a lack of native workflows. Having a tiered structure in place that implements higher levels of security (automatic session isolation, recording and threat detection and response) on cloud consoles, domain controllers, and other critical systems is a best practice.
Ensuring that the right person has the right access to the right resource at the right time for the right reason is a fundamental component of privileged access management. This is “Just-in-Time access,” a strong option for organizations that are looking to kick-start their privileged access management programs by introducing an easy-to-use solution.
Building on existing Just-in-Time access to Windows servers, which provided users provisional access to a defined subset of Windows servers for a pre-determined amount of time, this release advances those capabilities. Now, administrators have the ability to configure on a minute-by-minute basis the amount of time approved for access to target Windows servers. As part of the CyberArk Privileged Access Security Solution, Just-in-Time access adds another route for organizations to take toward implementing a robust privileged access management program.
In addition to advanced cloud capabilities and Just-in-Time functionality, other features included in this release are:
• A new policy that, if enacted, will require end-users to provide a reason for every privileged connection to a target system. That reason is sent to a reviewer for approval, automatically audited and stored.
• A new authentication method, “Cognito,” for AWS environments that enables application users to sign in directly through a user pool or third-party identity provider and supports the multi-configuration of SAML
Visit booth #N6253 at RSA for a demo of CyberArk Privileged Access Version 10.8. For more information on CyberArk’s enhanced cloud capabilities, click here. Register for our webinar to learn more about CyberArk’s ability to extend privileged threat detection and response to the cloud.