HP Enterprise offers privileged account management service with CyberArk to derail cyber attacks



Hewlett Packard Enterprise (HPE) announced Monday the HPE Privileged Account Management (PAM) Service offering, an extension to its HPE Managed Security Services (MSS) portfolio. In partnership with privileged account security software vendor CyberArk, this offering is designed to help customers more effectively mitigate the heightened risk associated with privileged accounts, enforce more consistent application of security policies, and reduce manual efforts and administrative costs.

HPE PAM Service leverages the ten global HPE Security Operations Centers (SOCs), offshore resources, and the CyberArk Privileged Account Security Solution to help organizations address some of the biggest security challenges including: advanced targeted attacks, insider threats, malware targeted at privileged accounts, regulation and failed audits, and the outsourcing of sensitive information, assets and infrastructure.

The CyberArk Privileged Account Security Solution provides a comprehensive solution for operating systems, databases, applications, hypervisors, network devices, and security appliances. It can be deployed on-premise, in the hybrid cloud and OT/SCADA environments.

External attackers and malicious insiders are increasingly using the broader network permissions of privileged accounts to execute complex breaches and access sensitive information. In fact, 80 percent of all targeted attacks exploited privileged accounts during the attack process.

These attacks are often able to take full control of an organization’s IT infrastructure, disable its security controls, steal confidential information, commit financial fraud, and disrupt operations.

The newly introduced HPE PAM Service offering features numerous enterprise security benefits, including protection against cyber attacks to lock down privileged accounts and secure sessions to prevent malware infection at the endpoint, lateral movement, and attack escalation to stop attack progression. By improving visibility, the offering delivers control of administrative access to a range of systems and infrastructures, from accounts on operating systems, databases, middleware and applications, to network devices and SaaS applications.

The service offering provides compliance support with a fully auditable system that supports stringent needs of highly regulated industry sectors, such as providing auditors with detailed privileged access reports. By 2017, analysts predict that more stringent regulations around control of privileged access will lead to a rise of 40% in fines and penalties imposed by regulatory bodies on organizations with deficient PAM controls that have been breached

The offering also seamlessly enforcing consistent password policies across the enterprise. Anonymous use of credentials is eliminated across the enterprise and auditable controls tie people to their actions. Password policies enforcement and secured, centralized, and automated password management for administrative, service, and application accounts.

HPE PAM Service is integrated with the HPE Identity and Access Management (IAM) Service to address the growing challenges of IAM, thus improving efficiency and saving costs. In addition, as part of the C3 Alliance, HPE and CyberArk also offer proven and tested bi-directional integrations between the HPE ArcSight SIEM platform and the CyberArk Privileged Account Security and Privileged Threat Analytics solutions.

The integration provides joint customers with detailed privileged account activity intelligence and actionable alerts on anomalous behavior in HPE ArcSight where it can be correlated with other indicators to identify and disrupt critical in-progress attacks.

“Threats targeting privileged accounts are increasing in frequency, complexity and scope, making it critical for organizations to gain control and visibility of this key user group’s activity,” said Art Wong, senior vice president and general manager, HPE Security Services, Hewlett Packard Enterprise. “The full-service HPE Privileged Account Management offering backed by CyberArk technology provides organizations with the means to effectively mitigate their risks of both external and internal attacks on privileged accounts, as well as maintain compliance.”

“Privileged accounts provide tremendous access to sensitive information and infrastructure that can take down an entire organization if compromised by attackers,” said Adam Bosnian, executive vice president, global business development and head of the C3 Alliance, CyberArk. “This partnership combines CyberArk’s proven, innovative Privileged Account Security Solution with HPE’s comprehensive global Managed Security Services portfolio to proactively manage privileged user and account risk and combat this growing challenge.”

The HPE PAM Service is currently available to customers as part of the HPE Managed Security Services (MSS) portfolio, which delivers an extensive security service management process and in-depth consulting expertise to define, implement and manage a resilient security program.

Leave a Reply

WWPI – Covering the best in IT since 1980