Manage Workforce Passwords through CyberArk

Manage Workforce Passwords through CyberArk

By Greg Tavarez

Enterprises are powered by myriad applications. The problem is there are some applications that require users to log in via individual usernames and passwords. As a result, employees are required to create, remember and manage individual passwords for many applications.

This is a recipe for disaster as employees often look for shortcuts to manage their passwords. Many users tend to use the same password across multiple accounts. If one of these accounts is compromised, it can lead to all the other accounts being vulnerable. Also, users often choose weak and easy-to-guess passwords, such as "123456" or "password," which are so easily cracked by hackers using automated tools.

Employees that do look for solutions to help manage their passwords often turn to consumer-focused password management tools. The problem is these tools often lack security, visibility and compliance features, putting the enterprise at risk.

CyberArk’s cloud-based enterprise password management solution, Workforce Password Management, overcomes these challenges as it enables organizations to securely capture, store and manage password-based applications and other secrets. Workforce Password Management is designed for business environments and provides the privacy, availability and security enterprises demand, including support for modern passwordless authentication controls and corporate directories

Building on these capabilities, CyberArk released new capabilities that include application access controls based on usernames, support for CAPTCHA-enabled web apps and enhanced reporting for user-added applications.

This means that administrators now prevent end users from adding sensitive and privileged accounts to the Workforce Password Management vault. The new enhancements allow end users to seamlessly access websites that require CAPTCHA at login and solve third-party-enforced CAPTCHA challenges during the login process. Also, out-of-the-box reports provide detailed information about all user-added applications.

Additionally, Workforce Password Management can be used in conjunction with CyberArk Secure Web Sessions, which features an additional layer of protection called Session Control. This allows administrators to define notification and enforcement rules for specific text fields within business apps that are accessed with credentials stored in Workforce Password Management.

Here’s one use case: Say an administrator created a rule to prevent users from executing funds transfers that exceeded a pre-set threshold within their corporate banking app. When a user attempts this, the IT security will be notified and can act on it.

“Password management must be dynamic to evolve with attacker innovation,” said Gil Rapaport, General Manager, Access Management at CyberArk. “We are continuously investing in new features and functionalities for Workforce Password Management to deliver greater usability, security and control for all users within an organization – from developers and business users to IT administrators.”

The enhancements are part of the CyberArk Identity 23.3 release. CyberArk Workforce Password Management is available as a standalone solution starting at $5 per user per month or as part of other CyberArk Identity Security Platform bundled solutions.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Say Goodbye to Passwords: 1Password Unveils Two Passkey Innovations

By: Greg Tavarez    6/9/2023

1Password now offers customers the ability to save and sign into online accounts with passkeys as well as unlocking 1Password accounts with a passkey.

Read More

Industrial Cybersecurity Transformed: Secureworks Launches Integrated MDR Solution for OT and IT

By: Greg Tavarez    6/8/2023

Secureworks announced two new offerings to unify the way industrial organizations prevent, detect and respond to threats across the OT and IT landscap…

Read More

K8 Notifier: A New Twist on Cloud Cybersecurity

By: Matthew Vulpis    6/8/2023

K8 Notifer can create a suite of alerts for MSP to detect suspicious activity in the configuration and patterns of their and their customers cloud ser…

Read More

Impossible Cloud Paves Way with New Program in the Web3 Era

By: Greg Tavarez    6/8/2023

Impossible Cloud's Partner Program allows partners and resellers to seamlessly implement, demo and integrate its efficient, performance-driven solutio…

Read More

CrowdStrike Empowers Next-Gen Cybersecurity with Generative AI

By: Stefania Viscusi    6/8/2023

Security company CrowdStrike unveiled Charlotte AI, a new generative AI cybersecurity that will help to democratize security and empower users of the …

Read More