CyberArk, a provider of enterprise security solutions that help companies secure and manage privileged accounts, today announced the availability of Master Policy, what the company describes as a “bold new policy engine” that enables customers to set, manage and monitor privileged account security through a single interface.
“The once complex process of transforming business policy and procedures into technical settings is now easily manageable and understandable to an organization’s stakeholders, including security operations, risk officers and auditors,” the company said.
Master Policy has been embedded at the core of all of CyberArk’s privileged account security products, and is available in version 8.0 of CyberArk’s privileged account security solution that was released today. Master Policy will with all new installations of CyberArk’s Privileged Identity Management (PIM) and Privileged Session Management (PSM) suites, the company said.
Recent studies have shown that organizations underestimate how cyber-attackers can take advantage of privileged accounts for malicious purposes.
In fact, half of the organizations in Cyber-Ark Software’s global IT security survey admitted to sharing passwords to privileged accounts among “approved” users. The problem was more widespread in larger enterprises, with 56 percent acknowledging the password sharing compared to 47 percent in smaller enterprises, the report revealed.
Master Policy enables organizations to set policy first to meet their security and compliance needs, and provides Key benefits including:
• A simplified process for creating and managing privileged account security policy, that can now be set up in minutes rather than days or weeks;
• Improved security posture of the organization by approaching privileged account security with policy first;
• Meets business demands by quickly and accurately translating written policy into privileged account security controls;
• Enables organizations to meet and demonstrate compliance regulations like PCI DSS, Sarbanes Oxley, NIST, NERC-CIP and more;
• Allows enterprise global policy to be set while providing controlled, granular level exceptions to meet the unique operational needs of the business;
• Decreases resource strain by empowering security risk and audit teams to enforce policy in their native language.
“Policy is the foundation of a sound security infrastructure. It has been difficult to enforce written policy throughout the enterprise, as it is time-consuming and difficult to translate that written policy to technical settings for operational departments,” said Sally Hudson, Research Director, IDC. “With today’s advanced threat landscape, the enterprise can no longer afford to overlook the importance of accurate policy settings and enforcement. Simplifying this process gives control back to the security, risk and audit teams and allows them to use their expertise to mitigate the risks posed by insider and outsider threats and comply with strict regulations.”
In addition to Master Policy, CyberArk’s version 8.0 includes the Universal Connector, which helps organizations extend privileged session monitoring to virtually any component of their IT infrastructure, including networks, servers, hypervisors, databases, applications and more. Using customizable solutions, automation and offering 200+ existing connectors, CyberArk is able to support most current enterprise systems, the company said.