Business Solutions
Monitoring & Recording Privileged Activity
The Challenge
Privileged access to enterprise resources raises many challenges, including control over “who” is entitled to access sensitive devices; “who” within and outside an organization can initiate privileged sessions, as well as “what” is being done during those sessions. Organizations must have the capability to audit all activities performed during these privileged sessions as well as protecting and managing the gathered audit information.
The Solution
Cyber-Ark's Privileged Session Management Suite, enables organizations to isolate, control and monitor privileged access to servers, network devices, databases, web applications and virtual machines throughout your datacenter by:
- Isolating and Controlling Privileged Sessions: based on Privileged Session Management's Suite unique architecture, privileged sessions are run on an isolated secure proxy as opposed to desktops, blocking any potential malware from spreading to these systems. Privileged sessions are controlled by enforcing access policies and workflows such as session connection time limitations, managerial approvals for session access and more
- Live Monitoring and Recording Privileged Session Activities: view privileged sessions in real-time with the ability to interact with the session and terminate it if necessary. For forensic analysis, record all activities that occur in the privileged session in a compact format and search for specific events with 'point in time' DVR playback. Recordings are stored and protected in the tamper-proof Digital Vault Server® and are accessible to entitled auditors.
- Secure Remote Access: enables browser-based access to managed devices. This functionality is critical as privileged access is often required by external third party vendors who may need to conduct trouble shooting or device maintenance on a secure network. These users require extra care that is made possible through secure remote access and secure session initiation, without exposing credentials.
- Privileged Single Sign-On: To date, single sign-on solutions have not addressed the security vulnerabilities of privileged accounts. A single login to the Privileged Session Management portal with optional 2-factor authentication allows connections to managed devices without knowing the connection passwords. This enables customers to enforce 2-factor authentication for sensitive device access without the need to deploy a complex single sign-on solution.
Benefits
The Privileged Session Management Suite provides administrative session monitoring for continuous protection and compliance of your mission-critical target systems, databases and virtual environments across your datacenter. . All of this is provided as a transparent solution that requires minimal user behavior changes and no changes to the network architecture or existing IT infrastructure thus providing easier use and implementation. Additional benefits include:
- Protect all target systems in your datacenter with an integrated solution for privileged account and session management for ease of administration, management and audit
- Prevent cyber attacks by isolating desktops from sensitive target machines
- Create accountability and control over privileged session access with policies, workflows and privileged single sign on
- Deliver continuous monitoring and compliance with session recording with zero footprint on target machines
