A leading identity security company announces new capabilities to secure access to cloud services and workloads, powered by the company's risk-based intelligent authorization controls.
This includes enhancements to the CyberArk Secure Cloud Access solution, which enables secure, just-in-time access with zero standing privileges to cloud management consoles and services in multi-cloud environments. Research shows that 85 percent of organizations will use three or more public cloud providers in the next 12 months, but only 9 percent are taking an agile, holistic approach to securing identities across all environments. This makes them vulnerable to identity-related attacks (1). The CyberArk Identity Security Platform helps companies gain complete visibility into identity-related risks in their cloud environment. On the other hand, the platform supports the migration of existing access policies to zero standing privileges by eliminating permanent access rights for users. As part of the CyberArk Identity Security Platform, CyberArk Secure Cloud Access reduces security risks through least-privilege and just-in-time controls without sacrificing productivity.
New Features
- the identification of risks caused by IAM (Identity and Access Management) misconfigurations in multi-cloud environments
New context-based, automated approval workflows for high-risk access to cloud services. These workflows can be easily customized to achieve governance goals via no-code identity orchestration or automation capabilities within the CyberArk platform. - the close integration with IT Service Management (ITSM) and ChatOps tools that increase adoption among IT teams and enable cloud security teams to quickly and securely approve time-critical access requests during service outages. CyberArk is the only identity security provider to provide this capability.
- an additional support Delegated administration so that approvals can be granted at the team or department level
- a new integration between CyberArk Vendor Privileged Access Manager and Secure Cloud Access, which enables third parties to securely access cloud services with zero standing privileges - all through the same unified platform
- just-in-time access also for short-lived infrastructure workloads on Google Cloud Platform in addition to AWS
- a regional data center deployment also in Germany, Great Britain, Australia, India and Canada.
“Eliminating excessive, unneeded and unused permissions from administrators, employees, service and machine accounts is key to maintaining a least privilege principle. Our research shows that companies face major challenges in this area,” explains Melinda Marks, Practice Director, Cybersecurity, Enterprise Strategy Group (ESG). “By combining deeper automation and a developer-focused user experience with a zero-standing privileges approach and just-in-time controls for the cloud, CyberArk helps organizations mitigate security risk while freeing cybersecurity teams from manual tasks to relieve workload.”
Securing access
The CyberArk Identity Security Platform provides flexible, risk-based controls to secure access to multiple targets - for both human and non-human identities. These targets include SaaS applications, workloads, and cloud services accessed by bots, service accounts, business users, IT administrators, software developers, cloud engineers, and third-party providers.
“Cloud services have given companies tremendous speed in deploying new applications, but they have also led to countless new identities and additional attack surfaces. Cybersecurity controls often lag behind, creating high security risks. “CyberArk is now providing new cloud security solutions that rely on automation and risk mitigation to close this gap,” emphasizes Michael Kleist, Area Vice President DACH at CyberArk.
More at CyberArc.com
About CyberArk CyberArk is the global leader in identity security. With Privileged Access Management as a core component, CyberArk provides comprehensive security for any identity - human or non-human - across business applications, distributed work environments, hybrid cloud workloads and DevOps lifecycles. The world's leading companies rely on CyberArk to secure their most critical data, infrastructure and applications. Around a third of the DAX 30 and 20 of the Euro Stoxx 50 companies use CyberArk's solutions.