Access management to stop network snooping
With up to 70% of data breaches being caused by someone within the enterprise, businesses must turn their attention to threats from the inside rather than external risks, according to Udi Mokady co-founder and CEO of Cyber-Ark.
Speaking to CBR at Infosec 2010 about the addition of On-Demand Privileges Manager to Cyber-Ark’s PIM (privilege identity management) Suite V6, Mokady said that the platform address the issue of IT workers having access to data throughout an organisation.
“We focus on the most privileged workers, watching the guards, policing the police,” he told CBR. “I call it IT’s dirty little secret – IT can do anything to everything in an organisation. They can read the CEO’s email, go into payroll, see who is browsing what and get customer information.”
Cyber-Ark’s privilege identity management platform controls and monitors what IT staff can access, so they can only view information they are allowed to when they need it.
“It’s very segmented because different people manage different groups, and the product is structured so that the person administering the rights doesn’t necessarily have access to the systems themselves,” Mokady said.
Mokady added that the product also uses workflows to determine who has access to what. This includes dual control, so an admin has to get clearance from a manager before system access privileges are handed out.