Last updated on March 16, 2023
The CyberArk service provides Privilege Access Management (PAM) functionality and controls for users, accounts, processes, and systems at UW–Madison. By dialing in the appropriate level of privileged access controls, PAM helps UW–Madison condense our attack surface, and prevent, or at least mitigate, the damage arising from external attacks as well as from insider malfeasance or negligence. PAM is considered by many analysts and technologists as one of the most important security projects for reducing cyber risk.
- Tracks credentials effortlessly, people need only keep track of one credential – their NetID – and everything else is managed for them.
- Provides automated password management capabilities helping to eliminate manual, time consuming processes.
- Provides automated account provisioning and deprovisioning for significant time savings
- Centrally manages and updates least privilege policies for users across all managed systems saving time and effort for admins.
- Centrally manages password changes reducing the risk of broken processes - and without risking downtime with every password change.
- User licenses must be purchased by your department
- User must have an active UW–Madison NetID
- Onboarding required to properly intergrate into systems
- Complete the CyberArk intake form (Source: app.smartsheet.com)
- Requires two designated safe managers who act as distributive administrators to provision people to access CyberArk
- Already integrated with campus Active Directory, need to identify additional systems that would need to be integrated
- Onboarding includes training, vaulting credentials, validating integrations (typically takes one to three months for onboarding) to effectively use the tool
While DoIT has purchased the CyberArk software, user licenses are needed for each individual who wants to login to CyberArk. User licenses are subscription based and are purchased annually. The current cost of a user license is $432/year and is subject to change.
- IT Staff