Description
Description- Cyber Ark Resource Needed
- Purpose: For Sox shared ids, analyze the id to determine how the id should be entered into Cyberark using best practice security controls.
- Develop a repeatable workflow process for entry into Cyberark and verify functionality.
- Review the list of shared ids - determine requirements for entry into Cyberark. Currently on version 9.2 of Cyberark. Approximately 320 ids need to be reviewed to determine the requirements to enter into Cyberark.
(1) Storage of the password - there is no automation of changing the password as the password can not be changed on a regular basis. Cyberark will track when a password is used. If used interactively, user must document the reason for use via incident or change order ticket.
(2) Storage of the password with automated password reset. Passwords are reset on a weekly basis Cyberark tracks the password.
(3) Cyberark fully automates the account privilege. The user logs into the Cyberark portal, retrieves the shared Id and gains access. The password is changed regularly; user does not know the password and the session can be recorded.
(4) Other - specialty case.
In Addition:
(1) The platform, function of the id, type of id (database, service account, Application, administration ), interactive or non-interactive, who uses the password, and the privilege are currently documented for the shared ids.
(2) Familiarity of the use of plug-ins to obtain the greatest benefit from Cyberark.
(3) Develop and document a repeatable process for each method of using Cyberark.
(4) Provide Compliance reporting - Access Control lists, video recordings, audit trails and evidence of password change.
Resource Requirements:
(1) 3-5 years' experience with Cyberark.
(2) Being able to determine the information Cyberark will require to load a shared id for the different scenarios.
(3) Excellent communication skills.
(4) Documenter.
(5) Ability to trouble shoot.
(6) Knowledgeable in information security.
(7) Familiarity with Cyberark Plugins.
(8) Knowledgeable in best practices.
(9) Knowledgeable in types of shared ids, functionality, and the security controls that must be in place.
(10) Knowledgeable in distributed applications.
(11) Experience in process improvement, development and documentation. Time Span: Resource needed 3-6 months, could go longer.
(12) Bachelor's Degree
(13) Years Experience: 3-5 years