Cyber-Ark launches appliance password vault

Cyber-Ark Software Ltd, a VC-backed Israeli access control and security start-up, has launched an appliance version of its password vault software.

The company said its new system provides a tamper proof mechanism for enterprise password change management, protects passwords during transmission as well as at rest, and stores password back-ups in encrypted format.

The company claims 200 US corporate customers already are using its vaulting software, and reportedly has revenue in excess of $10m. It has so far raised $23m in funding since opening its doors for business in 1999. Cyber-Ark reportedly had $10m in sales in 2005.

The addition of an appliance form factor to its range is said to address the critical issue of securing use of privileged user accounts of system administrators, database administrators and the like, which are coming under increasing scrutiny by internal and external auditors.

The vendor said its unit offers complete separation of duties, ensuring that sensitive information is never visible to anyone who does not have explicit permission.

Separation of duty requires that for particular sets of transactions, no single individual be allowed to execute all transactions within the set. The most commonly used examples are the separate transactions needed to initiate a payment and to authorize a payment. No single individual should be capable of executing both transaction types.

Separation of duties is considered valuable in deterring fraud since vulnerabilities can occur if an opportunity exists for collaboration between various job related capabilities. In practice, only certain transactions need be restricted in this way. For example, it makes sense that a transaction to authorize payment is restricted, while one that submits a request to an administrator need not be.

• Share:
• 
• 
• 
• 
• 
• 
• 
• 
•