CyberArk Privileged Account Security CyberArk PAS

2021: Obtaining a certificate of compliance with the requirements of the FSTEC of Russia

On December 2, 2021, the Privileged Access Management (PAM) system from the Israeli company CyberArk received a certificate of compliance with the requirements of the FSTEC of Russia. Product certification was carried out by iTPROTECT. She is an exclusive partner in the distribution of a certified system.

PAM-class systems are required to monitor the actions of IT resource administrators and centrally manage their rights. Solutions reduce the risk of uncontrolled access to IT assets and automate password management on servers. This accelerates the audit and investigation of incidents, as well as simplifies the assessment of the quality of services of external IT contractors, especially when there are several.

The received certificate confirms the presence in the CyberArk system of built-in means of protection against unauthorized access to information that does not contain information constituting state secrets, in accordance with the requirements of the FSTEC of Russia for security means according to the 6th level of trust. Certification at this level allows you to use PAM to manage credentials in systems containing data of up to 100 thousand people (subjects), in organizations of all industries except medicine. For example, we can talk about the administration of HDS segments located in several cloud environments, which are supervised by several contractors. In this case, it is extremely risky to administer a system without PAM. And the use of non-certified credential management tools is prohibited at the level of FSTEK order No. 21.

Besides, CyberArk Privileged Access Security Solution can be applied to administration of systems of subjects CUES. In accordance with FSTEC Order No. 235, connection to CII systems can be carried out only using third-party tools. For commercial organizations, except in the case of HIPD administration, the presence of a FSTEC certificate is not mandatory.

The completion of the next stage of certification of our flagship solution is a consistent, and, of course, the expected step towards our customers and partners. CyberArk respects the interests and requirements of Russian users and relevant regulators. We do not overestimate the significance of this event, but we are confident that the approval of FSTEC will increase the already high level of comfort and safety of our users in Russia. The Russian market is very important for CyberArk, and this pleasant formality is another confirmation of this. " said Oleg Kotov, regional director of CyberArk.

As part of the certification process, preliminary tests of the system were carried out in the iTPROTECT laboratory, certification tests in the testing laboratory of NPO Echelon JSC, an expert opinion was issued by PPSH Laboratory JSC.

Many customers provide access to their corporate resources to external professionals, such as technical support or IT outsourcing. It will be difficult to identify the person responsible for a problem or leak of confidential credentials in the absence of a PAM tool. Also, with the help of storage in PAM systems, you can minimize the risks associated with the distribution of passwords from end systems. Therefore, the demand for such solutions continues to be high. The PAM system from CyberArk is one of the most popular in the market, so participation in its certification was especially important for us - said Maxim Golovlev, technical director of iTPROTECT.

2020: As part of a secure solution for remote access to CII objects

On May 12, 2020, ELVIS-PLUS introduced a secure solution for remote access to critical information infrastructure, which includes:

• hardware thin client AGRARIAN AND INDUSTRIAL COMPLEX ZASTAVA-TK"," which connects to the network of the object CUES using terminal access VDI and with a high degree of security;
• ESMART Token GOST smart cards/USB tokens manufactured by ISBC for two-factor authentication and storage of user keys/certificates;
• a system for monitoring the actions of administrators and users based on the solutions CyberArk Privileged Access Security Solution or IT-Bastion SCDCP, which provides full control and monitoring of remote connections when performing tasks to administer and monitor the functioning of CII objects. More details here.

2017: CyberArk PAS 9.7 and FSTEC certificate

In the spring of 2017, CyberArk Software received compliance certificate No. 3739, confirming that the CyberArk Privileged Account Security 9.7 software is a software tool for protecting against the NSD, implements the functions of access control, identification, authentication of access subjects and registration of security events that do not contain information constituting state secrets.

The CyberArk Privileged Account Security 9.7 solution is designed to manage privileged accounts and control the access of privileged users, and includes a number of modules:

• Enterprise Password Vault - Protects, manages, and controls access to privileged accounts
• Privileged Session Manager - Provides isolation, control, and monitoring of privileged user access, as well as control of actions on any protected systems, without restrictions on the types of systems or protocols;
• SSH Key Manager - provides protection, management and control of access to SSH keys;
• Privileged Threat Analytics - analyzes the behavior of privileged users and notifies them of potentially dangerous actions, which allows them to quickly respond and interrupt the attack;
• Application Identity Manager - Protects, manages, and audits the built-in privileged accounts used by applications to access plug-ins;
• End-point Privileges Manager - manages user privileges and applications on Windows endpoints
• On-demand Privileges Manager - Provides control and continuous monitoring of commands executed on NIX endpoints.

Each module is self-contained and can function independently of the others. Working together, the modules provide a complete solution.

2015: FSTEC Certification

In February 2015, CyberArk, which specializes in protecting organizations from cyber attacks on internal corporate networks, received a certificate from the Federal Service for Technical and Export Control (FSTEC) of Russia for the CyberArk Privileged Account Security solution.

FSTEC certification is necessary for foreign vendors to interact with Russian state organizations. The existence of such a certificate allows various departments to use information security technologies from CyberArk.

The certification of Privileged Account Security from CyberArk confirms its ability to protect networks from unauthorized access, as well as provide an increased level of security and management for privileged accounts.

CyberArk Privileged Account Security is the high level of protection organizations need to protect against advanced attacks. The solution is a powerful modular technology platform that implements an integrated approach to protecting, monitoring, and managing privileged accounts. Each product can work independently or with other components, providing unified protection for operating systems, databases, applications, hypervisors, network devices, and security devices. The solution can be installed on private servers, hybrid cloud, or OT/SCADA environments .

The hacking of privileged accounts opens cybercriminals a high level of access to all IT networks, critical applications and systems, which allows them to easily navigate the network and steal data and information without being detected. According to leading cybercrime investigators, in 80% of all cases of advanced attacks, it is the hacking of privileged accounts that is used.

By implementing the necessary solutions to track, capture, record, and alert privileged users, organizations can quickly respond to malicious actions and mitigate damage early in an attack.

"Today it is more important than ever for companies to take care of the security of privileged accounts, as they are the first line of defense. We are proud to be able to provide solutions that can withstand one of the most difficult attacks - on privileged accounts and credentials, "says Bogdan Tobol, regional director in Northeast Europe of CyberArk. - Obtaining the FSTEC certificate for the CyberArk Privileged Account Security solution allows government agencies in Russia to protect their privileged accounts and more effectively protect the most important assets and data. "

A complete solution to protect, monitor, detect, alert, and respond to privileged accounts

Privileged accounts represent the largest security vulnerability an organization faces today. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take full control of an organization’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations. Stolen, abused or misused privileged credentials are used in nearly all breaches. With this growing threat, organizations need controls put in place to proactively protect against, detect and respond to in-progress cyber attacks before they strike vital systems and compromise sensitive data.

CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry’s most comprehensive Privileged Account Security Solution. Each product can be managed independently or combined for a cohesive and complete solution for operating systems, databases, applications, hypervisors, network devices, security appliances and more. The solution is designed for on-premise, hybrid cloud and OT/SCADA environments.

The CyberArk Privileged Account Security Solution is based on CyberArk Shared Technology Platform™, which combines an isolated vault server, a unified policy engine, and a discovery engine to provide scalability, reliability and unmatched security for privileged accounts.