TechValidate Research on CyberArk

Introduction

This case study of hydro.qc.ca is based on an April 2018 survey of CyberArk customers by TechValidate, a 3rd-party research service.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select CyberArk:

• Resolved the following challenges after using CyberArk:
  • Rampant password reuse across multiple accounts
  • Securing credentials used by applications
  • Too many endpoints with local administrator privileges
• Adopted CyberArk’s privileged access security because of the following compelling business drivers:
  • Initiated a proactive security project
  • Were driven by a board-level or executive mandate
  • Wanted to be better prepared for an audit
• Selected a solution for privileged access security to:
  • Limit the exposure of privileged credentials
  • Enforce strong passwords, store them in an encrypted vault, and rotate them
  • Simplify audit and compliance requirements

Use Case

The key features and functionalities of CyberArk that the surveyed company uses:

• Uses CyberArk for the following:
  • Securing privileged credentials in a vault
  • Rotating credentials based on policies
  • Monitoring and recording privileged sessions
  • Detecting and responding to attempts to circumvent privileged access controls
  • Securing credentials used by applications
• Managing the following types of privileged accounts, credentials, and secrets with CyberArk in the next 12 to 18 months:
  • Domain admin accounts
  • Network device accounts
  • Database or application admin accounts
  • Local admin accounts on workstations
  • Service accounts
  • SSH keys
• Plans to integrate the following tools with CyberArk within the next 18 months:
  • Authentication (DUO or OKTA, RSA)

Results

The surveyed company achieved the following results with CyberArk:

• Reports that since adopting CyberArk to manage their privileged accounts and credentials, they are now much more secure.
• Reports that since adopting CyberArk to secure their privileged accounts and credentials, the time and cost of audit reporting has stayed the same.
• Reports that with CyberArk, the time required to manage and maintain privileged account and credential security has reduced.

Introduction

This case study of a Global 500 E-Commerce Corporation is based on an April 2018 survey of CyberArk customers by TechValidate, a 3rd-party research service.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select CyberArk:

• Resolved the following challenges after using CyberArk:
  • Unmanaged or unaudited third-party / remote vendor access
  • Too many endpoints with local administrator privileges
• Adopted CyberArk’s privileged access security because of the following compelling business drivers:
  • Initiated a proactive security project
  • Wanted to be better prepared for an audit
• Selected a solution for privileged access security to:
  • Limit the exposure of privileged credentials
  • Enforce strong passwords, store them in an encrypted vault, and rotate them
  • Simplify audit and compliance requirements
  • Remove hard-coded credentials from applications and scripts, including applications built using DevOps methodologies
  • Secure third-party access
  • Secure privileges on endpoints
  • Secure infrastructure and assets in the cloud
  • Secure privileged accounts and credentials for non-IT users (Finance, HR, Marketing)

Use Case

The key features and functionalities of CyberArk that the surveyed company uses:

• Uses CyberArk for the following:
  • Securing privileged credentials in a vault
  • Rotating credentials based on policies
  • Securing and rotating shared service accounts
  • Securing credentials used by applications
  • Securing workstations by removing local privileges
• Managing the following types of privileged accounts, credentials, and secrets with CyberArk in the next 12 to 18 months:
  • Domain admin accounts
  • Microsoft Windows admin accounts
  • NIX admin accounts (UNIX and Linux)
  • Network device accounts
  • Database or application admin accounts
  • Cloud admin consoles for IaaS or PaaS (Amazon Web Services, Microsoft Azure, Google Cloud, OpenShift, Pivotal Cloud Foundry)
  • SaaS accounts (Microsoft Office 365, Salesforce, Box, Concur)
  • Local admin accounts on workstations
  • Application credentials
  • SSH keys
• Plans to integrate the following tools with CyberArk within the next 18 months:
  • The cloud (Amazon Web Services, Microsoft Azure, Google Cloud Platform)
  • Discovery (ForeScout, BMC)
  • Identity and access (Sailpoint, RSA)
  • SIEM (Splunk, Fortinet, LogRhythm)
  • Vulnerability management (Qualys, Rapid7, Tenable)

Results

The surveyed company achieved the following results with CyberArk:

• Reports that since adopting CyberArk to manage their privileged accounts and credentials, they are now significantly more secure.
• Reports that since adopting CyberArk to secure their privileged accounts and credentials, the time and cost of audit reporting has reduced a lot.
• Reports that with CyberArk, the time required to manage and maintain privileged account and credential security has reduced.