PAM Self-Hosted is a part of the CyberArk Identity Security platform.

Identity Security represents the largest security risk an organization faces today.

Category : Cyber Security
Brand : CYBERARK
Model : CyberArk® Privileged Access Manager Self-Hosted

Description

The Challenge
  • Identity Security represents the largest security risk an organization faces today. When employed properly, privileged accounts maintain systems, facilitate automated processes, safeguard sensitive information and ensure business continuity. But in the wrong hands these accounts can be used to steal sensitive data and cause irreparable damage to the business. Privileged accounts are exploited in nearly every cyber attack. With privileged access, bad actors can disable systems, take control of IT infrastructure and gain access to sensitive data.
  • Organizations face a number of challenges when securing identities, namely protecting, controlling and monitoring privileged access, including:

 Managing account credentials

  • Many IT organizations rely on manually intensive, error-prone administrative processes to rotate and update privileged credentials—an inefficient, risky and costly approach.

 Tracking privileged activity

  • Many enterprises cannot centrally monitor and control privileged sessions, exposing the business to security risks and compliance violations.

 Monitoring and analyzing threats

  • Many organizations lack comprehensive threat analytics for privileged sessions.

Controlling privileged user access

  • Organizations often struggle to effectively control privileged user access to critical infrastructure, cloud platforms (IaaS and PaaS), and SaaS applications.

Securing remote access

  • It can be challenging with conventional user authentication and authorization approaches to make sure remote 3rd party users access only what they need (and only when they need it).
The Solution
  • Privileged Access Manager (PAM) Self-Hosted is a part of the CyberArk Identity Security platform. PAM Self-Hosted provides intelligent controls to secure privileged access across hybrid cloud infrastructures. The solution helps organizations efficiently manage privileged credentials with strong authentication, proactively monitor and control privileged access, intelligently identify and quickly respond to suspicious activity.

 Enable privileged access with modern Single Sign-On (SSO) and adaptive Multifactor Authentication (MFA)

  • Access sensitive resources with a single set of credentials to reduce the risk of poor password practices. Provide risk-based authentication for each login leveraging user-specific contextual attributes.

Centrally secure and control access to privileged credentials based on organizationally defined security policies

  • Automated privileged credential (password and SSH key) rotation eliminates manually intensive, time consuming and error-prone administrative tasks, safeguarding credentials used in on-premises, hybrid and cloud environments. Ensure Windows and macOS credentials that are not connected to the network are secured and rotated.

 Isolate and monitor privileged sessions

  • Establish secure, isolated sessions and record all activity. Credentials are retrieved by CyberArk and sent directly to target systems, preventing credential exposure to end users and machines. Meanwhile, session isolation prevents the spread of malware.

Detect, alert and respond to anomalous privileged activity

  •  Apply a complex combination of algorithms to identify malicious activity. A bi-directional data feed exchanges high-risk detections with SIEM tools.

 Secure remote access

  • Easily and securely authenticate external vendors and remote employees accessing CyberArk with biometric VPN-less MFA and no agents. Provision authorized users with Just-in-Time, passwordless access to critical resources and enable automatic session isolation and monitoring.
Benefits 

Deliver measurable cyber-risk reduction

  • Protect access to privileged accounts and credentials. Defend systems against malware and attacks. Efficiently detect and respond to suspicious activity and malicious commands.

Enable operational efficiencies

  • Eliminate manually intensive, time consuming and error prone administrative processes. Simplify operations and free up staff to focus on strategic tasks that support core business activities.

Satisfy audit and compliance

  •  Institute policy-based privileged access controls to ensure compliance with government and industry regulations. Easily demonstrate policies and processes to auditors. Produce detailed audit trails and access histories to exhibit compliance.

Secure digital transformation

  •  Balance security with a frictionless user experience. Enable seamless access for privileged users connecting to Tier0 assets, with centralized visibility and control.
SPECIFICATIONS

Encryption Algorithms

  • AES-256, RSA-2048
  • HSM integration
  • FIPS 140-2 validated cryptography

High Availability

  • Clustering support
  •  Multiple disaster recovery sites
  •  Integration with enterprise backup system
Access and Workflow Management
  •  LDAP directories
  •  Identity and Access Management
  •  Ticketing and workflow systems

Multi-lingual Portal

  •  English, French, German, Spanish, Russian, Japanese, Chinese (Simplified and Traditional), Brazilian Portuguese, Korean

Authentication Methods

  •  Username and Password, LDAP, Windows authentication, RSA SecurID, Web SSO, RADIUS, PKI, SAML, smart cards

Monitoring

  •  SIEM integration, SNMP traps, Email notifications

Sample Supported Managed Devices

  • Operating Systems, Virtualization, and Containers: Windows, *NIX, IBM iSeries, Z/OS, OVMS, ESX/ ESXi, XenServers, HP Tandem*, MAC OSX*, Docker
  •  Windows Applications: Service accounts including SQL server service accounts in cluster, Scheduled Tasks, IIS Application Pools, COM+, IIS Anonymous Access, Cluster Service