Enterprises are powered by myriad applications. The problem is there are some applications that require users to log in via individual usernames and passwords. As a result, employees are required to create, remember and manage individual passwords for many applications.
This is a recipe for disaster as employees often look for shortcuts to manage their passwords. Many users tend to use the same password across multiple accounts. If one of these accounts is compromised, it can lead to all the other accounts being vulnerable. Also, users often choose weak and easy-to-guess passwords, such as "123456" or "password," which are so easily cracked by hackers using automated tools.
Employees that do look for solutions to help manage their passwords often turn to consumer-focused password management tools. The problem is these tools often lack security, visibility and compliance features, putting the enterprise at risk.
CyberArk’s cloud-based enterprise password management solution, Workforce Password Management, overcomes these challenges as it enables organizations to securely capture, store and manage password-based applications and other secrets. Workforce Password Management is designed for business environments and provides the privacy, availability and security enterprises demand, including support for modern passwordless authentication controls and corporate directories
Building on these capabilities, CyberArk released new capabilities that include application access controls based on usernames, support for CAPTCHA-enabled web apps and enhanced reporting for user-added applications.
This means that administrators now prevent end users from adding sensitive and privileged accounts to the Workforce Password Management vault. The new enhancements allow end users to seamlessly access websites that require CAPTCHA at login and solve third-party-enforced CAPTCHA challenges during the login process. Also, out-of-the-box reports provide detailed information about all user-added applications.
Additionally, Workforce Password Management can be used in conjunction with CyberArk Secure Web Sessions, which features an additional layer of protection called Session Control. This allows administrators to define notification and enforcement rules for specific text fields within business apps that are accessed with credentials stored in Workforce Password Management.
Here’s one use case: Say an administrator created a rule to prevent users from executing funds transfers that exceeded a pre-set threshold within their corporate banking app. When a user attempts this, the IT security will be notified and can act on it.
“Password management must be dynamic to evolve with attacker innovation,” said Gil Rapaport, General Manager, Access Management at CyberArk. “We are continuously investing in new features and functionalities for Workforce Password Management to deliver greater usability, security and control for all users within an organization – from developers and business users to IT administrators.”
The enhancements are part of the CyberArk Identity 23.3 release. CyberArk Workforce Password Management is available as a standalone solution starting at $5 per user per month or as part of other CyberArk Identity Security Platform bundled solutions.
Edited by Alex Passett