Migrating workloads to the cloud is a top priority for many organizations, and businesses everywhere are using Amazon Web Services (AWS) to accelerate IT service agility, simplify operations and minimize capital equipment expense and complexity. In this cloud-delivered world, organizations are looking for SaaS-delivered security solutions — along with easier ways to consume them — to protect against identity-centric attacks across modern IT environments and support their increasingly hybrid workforces.
Since we couldn’t be together for AWS re:Inforce this summer, we’re revisiting a 2021 Impact Live conversation with Matt Girdharry, leader for DevOps, Observability & Security, AWS Marketplace, Amazon Web Services; Chris Moore, CyberArk VP of global channels; and Joanne Wu, CyberArk VP of business development. The trio explored how organizations can best leverage CyberArk, our partner ecosystem and AWS Marketplace to drive faster time-to-value and rapid risk reduction.
Modernizing the Digital Supply Chain
“A typical customer today has about 1,000 applications that they’re thinking about migrating over to AWS,” said Girdharry. “As they’re taking the core applications they’ve built — the lifeblood or IP of their organization — and figuring out how to re-architect them, they’re also thinking, ‘How do I take these on-prem third-party applications that have been running in my data centers and migrate them with me?’”
They have an opportunity to do just that through AWS Marketplace, unlocking the benefits of AWS for the security technologies and services they already know and trust. “Customers love the fact that they can modernize their core IP applications along with their supply chain through SaaS-based subscriptions,” Girdharry continued.
“AWS and CyberArk have been working together for several years across three major dimensions: Securing the cloud, running CyberArk Identity Security solutions in the cloud and, most recently, helping organizations around the world to procure through AWS Marketplace,” explained Wu.
The AWS Marketplace also enables CyberArk channel and C3 Alliance partner organizations to drive new customer value by simplifying business transactions. “As organizations adopt cloud computing and digitally transform their business, our partners need to deliver solutions in the way that their customers want to buy them,” said Moore. “By leveraging the AWS Marketplace, our partners are in the best position to deliver real and rapid value and continually meet evolving customer needs.”
CyberArk’s focus on AWS Marketplace facilitates CyberArk’s ongoing transition to deliver enhanced customer value and greater deployment flexibility and simplicity through a subscription-based model. As Moore specified, selling through AWS Marketplace “aligns incredibly well with our own shift to SaaS. From the channel and partner side, it’s all about eliminating friction.”
A Whole That’s Greater Than the Sum of its Parts
Perhaps the best way to illustrate the value that AWS Marketplace delivers to organizations is through the Amazon “flywheel” — a concept first popularized by author Jim Collins and embraced by Jeff Bezos to elevate the customer experience.
The flywheel’s hallmark characteristic is that no one thing powers it. Instead, it moves by many components acting in concert — equating to a whole that’s greater than the sum of its parts. AWS Marketplace delivers customers increasing selection to tools to increase performance across security and compliance functions. Simultaneously, vendors increasingly benefit from greater intelligence based on adoption of customer features, allowing teams to accelerate their innovation, and in turn, make AWS Marketplace even more valuable for customers.
Breaking Down the Cloud Shared Security Responsibility Model
It’s important to remember that when it comes to security, everyone has a part to play. Under this shared responsibility model, the end-user is responsible for certain Identity and Access Management (IAM) functions, including Privileged Access Management. Organizations can fulfill their security responsibilities by using CyberArk’s SaaS-based Identity Security solutions on AWS Marketplace to:
- Detect and correct misconfigured access to sensitive AWS resources
- Protect workforce identities against credential compromise via single sign-on (SSO) and multi-factor authorization (MFA)
- Secure credentials used to access the AWS Management Console and critical AWS infrastructure, while enabling isolated, monitored privileged sessions
- Prevent privilege escalation from the endpoint into the cloud
- Securely manage secrets used by cloud hosted applications, containers and machine identities
“Security and compliance are a shared responsibility,” explained Girdharry. AWS is responsible for protecting the global infrastructure that runs all of the services offered in the AWS Cloud. For abstracted service, such as Amazon S3 and Amazon DynamoDB AWS is also responsible for the security of the operating system and platform. Customers and APN Partners, acting either as data controllers or data processors, are responsible for anything they put in the cloud or connect to the cloud.
He continued, “Our philosophy at AWS Marketplace is that we’re not going to leave you hanging — we’re going to supply you with the best possible security tools, including solutions from CyberArk that actually help you perform that piece of your responsibility as a customer.”
This support extends to digital organizations’ expanding DevOps practices. As many companies move away from monolithic, virtual machine-based worlds and modernize to microservices, DevSecOps becomes extremely important. “CyberArk plays a huge role in that in terms of providing the right types of access, to the right pieces of that code production pipeline, all the way up into the production environment,” said Girdharry.
CyberArk’s cloud and DevOps experts are also actively involved in numerous AWS-led open source and code donation projects that enable developers and help organizations securely meet their objectives.
Visit CyberArk on AWS Marketplace
Embracing cloud, remote work and other digital transformation initiatives cannot be a tradeoff with security. With access to CyberArk Identity Security solutions on AWS Marketplace, organizations can move forward with confidence.
CyberArk offerings on AWS Marketplace include CyberArk Privileged Access Manager, CyberArk Endpoint Privilege Manager, CyberArk Cloud Entitlements Manager, CyberArk Privilege Cloud, CyberArk Workforce Identity, Conjur Secrets Manager Open Source and CyberArk Privileged Access Manager for GovCloud (US). To learn more, visit CyberArk on AWS Marketplace.