How to Run Automated Workflows While Protecting Privileged Accounts

In today’s highly complex security climate, organizations must protect and manage their applications’ privileged identities if they want to protect their assets. Successful Privileged Identity Management (PIM) implementation can be measured by specific factors, such as:

  • Controlling who has access to which credentials
  • Document credential requests for compliance
  • Eliminating hard-coded passwords in applications
  • Eliminating hard-coded passwords in 3rd party tools

Knowing this is critical and actually accomplishing it, however, are two entirely different things. There are many in-house applications and 3rd party tools such as Cyber Security Incident Response Team (CSIRT) automation, IT process automation, and others that run and need access to many servers, PCs, and other devices. The ability of 3rd party tools to access the vault and retrieve the relevant credential information of the specific device is crucial to successful PIM implementation.

Why You Need a Secure Vault

Unmanaged privileged credentials, such as passwords, used by 3rd party tools like CSIRT, are typically stored locally in configuration files, or in a database with little to no control over encryption levels. These credentials can be easily captured and exploited by malicious users or external attackers.

Additionally, any manual changes made to these credentials generally require an update of credentials across all environments, which in turn requires downtime or a maintenance window.

Just one tiny oversight during a manual password change could lock a Windows account, causing all other applications and/or application instances to cease operating. Furthermore, as these credentials are not centrally managed, it is difficult to track who or what has access to them, which makes it nearly impossible to identify whether there may be a potential misuse of credentials by a malicious user or external attacker.

And if you think this type of scenario will never happen to you, think again. One need only peruse the headlines to see that even the most prominent enterprises are vulnerable to potential exploitation.

Take, for instance, web-hosting giant GoDaddy. In May of 2020, the largest domain registrar in the world with over 19 million customers, announced that it had experienced a security breach, which occurred after an employee had their account compromised which allowed hackers access. The number of customers impacted has still not be determined, but the reputational and financial damages to the company cannot be understated. For a smaller firm, such a breach could be irreparable.

Why a Secure Vault Is Not Enough

As GoDaddy and countless other organizations have learned the hard way over the years, cybercriminals are relentless. Their tactics are also becoming more sophisticated by the day. In order to shore up against would-be attacks, business leaders must find a way to fight fire with fire. That is, they must leverage all of the advanced technology available to them. And one of the most effective of these is automation.

Ayehu’s integration with CyberArk Privileged Account Security Solution enables organizations to automatically retrieve and rotate credentials securely stored in the CyberArk Secure Digital Vault. Passwords can be rotated based on the organization’s security policy for all privileged identities.

In addition, the integrated solution combines individual accountability with detailed tracking and reporting on all privileged identity activity, enabling organizations to meet diverse sets of compliance requirements.

Your Chance to See It In Action

In a world awash in cybersecurity threats, malicious use of privileged credentials stands out for its potential to inflict cataclysmic harm upon an enterprise.  Yet in order to carry out tasks such as regularly-scheduled maintenance jobs, IT operations must have access to the privileged accounts on servers, routers, and other devices that require these credentials. 

What’s the best way to protect privileged information without obstructing ITOps from performing the vital work that keeps the lights on, all while adhering to organizational and industry infosecurity compliance requirements?

Please join us on Wednesday July 15th as we demonstrate the integration of Ayehu NG and CyberArk Secure Digital Vault – the industry leading automation and privileged access management platforms.

Click the graphic below or follow this link to register and reserve your spot today:

Cyber Security Automation Trends

Security_trendsThese days, the barrage of security attacks on organizations is unrelenting. To cut the time it takes to respond to those attacks, IT executives are turning to security automation technologies. A new IDG Research survey of CIOs and CISOs found that 54 percent of security breach resolutions take days, weeks or months. To speed response and resolution time, 63 percent said they will increase their level of security automation over the coming year.

The problem lies in the fact that, despite heightened awareness of security attacks, the current efforts to thwart such attacks are having little to no effect. These attacks, their severity and their frequency, are not going down, and the time of detection – which 61% of survey respondents listed as days, weeks or even months – isn’t sufficient enough to avoid the inevitable consequences. This is why security automation will begin to become more prevalent in the coming months and years.

While many organizations have already begun to adopt IT automation tools to better manage incoming security threats, others remain unsure and even somewhat leery about turning over such an important task to a software product. The fact is, great strides have been made in terms of IT automation and the old, clunky and risk-laden products of the past have been replaced by highly effective, secure and sophisticated enterprise-class solutions.

One survey respondent, Bruce Perrin, COO and acting CIO for Phenix Energy Group, is fully on board with using automation to manage security monitoring. In fact, he believes it’s absolutely necessary, citing the fact that humans are inherently flawed, making the task of handling incoming attacks an especially risky one. He also believes that one of the biggest barriers to businesses embracing automation is fear of change. The problem with this, he points out, is that: “today’s security operations are all about anticipating new problems, not just dealing with old ones”.

While 56% of survey respondents cited cost as their main deterrent from shifting to automation, most of the other barriers listed indicate an underlying problem of insecurity and lack of knowledge about the security process as opposed to any type of technical issues. This is understandable, given the fact that today’s security processes are complex and present potentially severe consequences in the event of failure.

The key to overcoming these obstacles lies in educating decision makers about the many benefits the come with deploying a security automation solution. The most notable advantages include optimizing the time and efforts of security experts, which is a costly resource, as well as minimizing the impact a security breach can have on an organization’s finances and brand reputation.

Of course, achieving optimum results will ultimately depend on choosing the right product. Not all security automation solutions are created equal. Larger corporations must seek out products that are designed to support sizeable enterprises, can be easily integrated with the existing infrastructure and are scalable to account for future growth and organizational changes.

The best solution is one that is easy to implement, simple to learn and completely customizable to each organization. The company can start off automating security tasks and then work their way up accordingly. The product should also effectively combine automation with remote human decision making to ensure the highest level of attention. Most importantly, the right product will allow an organization to cut incident recovery time by up to 90 percent, ensuring that security attacks are identified and addressed in as timely a manner as possible.

With security threats becoming more advanced and dangerous, it’s becoming increasingly evident that the measures being taken currently are not sufficient to mitigate the associated risks. What’s needed is a simple but sophisticated product that can quickly and accurately detect potential security breaches so that they can be handled immediately – not days, weeks or months later. The way of the future is security automation.

Is your business prepared to handle a security attack? Start protecting yourself with automation today. Download a free 30 day trial or call 1-800-652-5601 to get started.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response