March 13, 2020
Digital Arts Consulting, Inc.
Digital Arts Consulting Released "Privileged Access Management Enabling Services" through CyberArk® PAS
- Robust Protection of Privileged IDs that are cause of 80%* or more of Data Breaches -
In the enterprise environment where a high level of cyber security measures are needed, Digital Arts Consulting, Inc. (headquarters: Chiyoda-ku, Tokyo, Japan; CEO: Tadao Matsumoto; hereinafter referred to as "Digital Arts Consulting") that offers the CISO service (Security Consulting Service), has signed a reseller agreement with CyberArk Software, Inc. (headquarters: Chiyoda-ku, Tokyo; CEO: Kiminori Chida; hereinafter referred to as "CyberArk") and released "privileged access management Enabling services", which is designed to protect businesses from cyber-attacks that seek to steal access to privileged accounts with the aim of abusing them to gain access to important informational assets.
"Privileged access management" needed more than ever to protect privileged accounts at companies
Comprehensive security measures for businesses are urgently needed, regardless of business type or scale. The need is imminent to install, manage and put into operation multiple security products and features. In this situation, a common point is the abuse of privileged accounts, especially in cases of information security violations and targeted attacks that carry a large risk to businesses. "Privileged accounts" are accounts that allow users powers and functions that normal users cannot access (for example Administrator account in Windows, root account in Linux, etc.), and when these accounts are stolen and abused, various security tools can be bypassed, making it possible to start and shut down the system, change settings, create, adding and delete of user accounts, install and distribute applications, and other such actions. Survey data has shown that at least 80% of company data infringement cases are related to abuse of privileged accounts.
At the same time as these privileged accounts can be stolen and abused by an outside attacker, there is also the possibility for users within the organization to abuse the accounts and potentially cause internal data leaks. For this reason, a "privileged account management" safeguard not only guards against outside attacks but is also a measure against internal data leaks, and is widely used by global businesses as an essential security measure.
"CyberArk PAS" is a privilege access management solution offered by CyberArk that uses their patented "Vaulting Technology®", which offers a unified management of privileged accounts by isolating and protecting from the existing system, making it fully comprehensive and one of the strongest solutions available. More than 5,000 companies, including more than half of all Fortune 500 companies use this solution as an essential security measure to prevent serious negative effects on business.
However, to design, implement and operate this kind of privileged account management, a strong expertise in the cyber security field is required. For this, companies would need to retain personnel capable of creating an implementation plan that fits with currently used solutions, carrying out implementation and offering operational support, all matching to business's current state and with a grasp of issues the company currently faces.
Digital Arts Consulting realizes a stronger infrastructure through our unique security service
At Digital Arts Consulting, we have put our consulting experience and expertise gained by working with various clients in the cyber security field to use in creating our "Cyber Hygiene Enabling Service," "Cloud Security Management Platform Enabling Service," "NIST SP800-171 Support Service" and others. The combination of these services offers one-stop security service through our company and allows us to propose solutions to handle issues that customers face, making possible concrete solutions involving the actual implementation and operation of these solutions.
* In the Forrester Research Report's "The Forrester Wave™: Privileged Identity Management, Q4 2018"（November 14, 2018）, regarding companies' data infringement, at least 80% reported the abuse of privileged accounts.
Outline of privileged access management platform construction support service
- 1. Risk Assessment Service
- Consultants from Digital Arts Consulting will assess and organize the customer's security guidelines, information security policies in a Fit&Gap analysis to match the current operations, IT assets, currently running systems and other items. Following this, a solution architect will get involved to carry out a risk assessment of security solutions for privileged accounts that are currently active or set to be newly implemented. Then, for customers who do not grasp the validity of said solutions, they will present a visualization of the current situation and potential solutions/organizing that would take into account the company's actual business status and customer requirements.
- 2. Privileged access management platform construction support service
- Solution Architects from Digital Arts Consulting will offer support towards the hypothesis made in the Risk Assessment Service, in the form of a Proof of Value (PoV) verification. This visualizes the value to the customer considering their current business status, and puts together a conceptual plan drawing out the customer's individual needs according to the following functions offered by a privilege access management platform. Following this, an implementation/support engineer will work to plan an implementation and operation that meets the functionality requirements laid out in the previous steps. They will then fully construct, maintain and operate this in place of the customer.
- 1) Core Privileged Access Security
- 1. Standard Core PAS
- Risk based authentication information security and session management
- Detection and management of authentication information: Continuously scan to detect access using privileged IDs
- Isolation of authentication information and sessions: Establish safe management points, isolate important assets from end users
- Documentation and auditing of sessions: Maintain centralized encrypted privileged sessions. Efficient audit is possible.
- Monitoring of activities that use privileged IDs: Detect unusual behavior and report to SOC team and IT team
- Correction of risk-laden actions: When theft or infringement of privileged access occurs, authentication information is changed
- 2. Advanced Core PAS, Standard Core PAS as comprehensive solutions including the following:
- Server protection via minimal privileged access: Meticulous access control, managed and operated uniformly with uniform audit trail management
- Domain controller protection: The network is monitored and improper domain controller attempts are prevented
- 2) ALERO™
- Zero trust access, organic multi-factor authentication, just-in-time provisioning, all integrated into a single SaaS solution, offering safe access to core privileged access security to remote vendors
- 3) Application Access Manager
- Controls, manages and inspects access to applications that feature machine-initiated privileged access
- 4) Endpoint Privilege Manager
- Prevents horizontal movement by attackers due to theft of endpoint authentication information by controlling via applications with minimum privileges.
- 5) CyberArk Privilege Cloud
- SaaS-type solution offering simplified access through monitoring sessions via safe keeping of authentication information, rotation and isolation. This strengthens security and IT operations as well as speeding up business risk reduction.
Merits of DAC service (in combination with other services)
- 1. Cloud Security Posture Management (Palo Alto Networks Prisma Cloud) x Privilege Access Management (CyberArk PAS)
- Simplified and secured privilege access management relevant to IAM on the cloud, rotation and privileged account isolation, as well as session monitoring. Possible to implement within companies with no expertise required.
- 2. Cyber Hygiene Management ( Tenable Tenable.io ) x Privilege Access Management (CyberArk PAS)
- Credential scans by Tenable.io (vulnerability and compliance scans) are made secure and centrally managed. Possible to implement within companies with no expertise required.
At Digital Arts Consulting, with the sale of this Privilege Access Management Enabling Service, which will join together with combined with all the services we have offered until now, we will aim to deliver the optimal management environment through ICT with the goal of improving businesses system security as the need to do so continues to rise.
- CyberArk's "CyberArk PAS" - privileged access management/safeguard solution
CyberArk PAS works through patented "Vaulting Technology®" to isolate and safeguard privileged accounts that exist in security products that protect devices such as endpoint devices, on-premises servers, IT systems used by networks, cloud services and public infrastructure, and of course IoT devices. In addition, this allows protection from malware attacks via session isolation and management, continuous monitoring for privileged access (detection and notifications for unauthorized logins), logging of search content at time of access, SSH key management, limiting of commands available to privileged accounts and other features. With this comprehensive solution, the customer's privileged accounts, authentication information and secrets, including those used in all on-premises, hybrid cloud, DevOps environment, and endpoints, are all protected.
- About CyberArk Software, Inc.
- CyberArk is a global leader in privileged access management, and as an essential IT security layer, works to protect data, infrastructure and assets across entire companies, through the cloud and DevOps pipeline. CyberArk offers the most complete solution in the industry for reducing the risk posed by privileged authentication information and secrets.