CyberArk , the company that protects organisations from cyber attacks that have made their way inside the network perimeter, has released a new white paper, “Safeguarding Privileged Access: Implementing ISO/IEC 27002 Security Controls with the CyberArk Solution.” The technical paper provides organisations with a blueprint for implementing the CyberArk Privileged Account Security to enforce controls pertaining to privileged access within the ISO/IEC 27002:2013 standard.
Privileged accounts, which consist of IT administrative credentials, default and hardcoded passwords, application backdoors and more, are targeted in nearly every significant cyber attack. In response, organisations are increasingly adopting best practices standards for securing these accounts, including the International Organization for Standardization (ISO) and the International Electotechnical Commission (IEC) 27002 standard. The standards highlight the critical nature of privileged account abuse as part of advanced attacks, warning that “the inappropriate use of system administrator privileges…is a major contributory factor to failures or breaches of systems.”
“Privileged accounts represent a serious vulnerability,” said John Worrall, CMO, CyberArk. “Organisations adhering to ISO/IEC guidelines for safeguarding privileged access are taking a huge step forward in mitigating advanced attacks. The new whitepaper outlines how CyberArk helps organisations implement the controls outlined in the ISO/IEC standards.”
The CyberArk Privileged Account Security Solution helps organisations implement the following controls, which are consistent with the ISO/IEC 27002:2013 standard’s focus on privileged access security:
· Establishing and implementing privileged access policy
· Identifying the privileged access rights associated with each system or process
· Restricting the use of privileged access to authorised users based on functional roles
· Authenticating privileged users, ensuring individual accountability for privileged actions
· Changing default vendor passwords
· Restricting access to privileged utility programmes
· Controlling privileged access by suppliers
CyberArk will host two 30-minute webinars titled, “Do your privileged accounts meet ISO/IEC 27002 standards,” outlining how to best protect privileged accounts to address the new controls.
To register, please visit:
· December 9, 2014 @ 2:00 p.m. GMT http://lp.cyberark.com/20141209-ISO-Webinar-EMEA_Registration-Landing-Page.html
· December 16, 2014 @ 2:00 p.m. ET http://lp.cyberark.com/20141216-ISO-Webinar.html
To download the whitepaper, “Safeguarding Privileged Access: Implementing ISO/IEC 27002 Security Controls with the CyberArk Solution,” please visit http://www.cyberark.com/resource/safeguarding-privileged-access