PALO ALTO, CA -- (Marketwired) -- 07/26/16 -- Hewlett Packard Enterprise (HPE) (NYSE: HPE) today announced the HPE Privileged Account Management (PAM) Service offering, an extension to its HPE Managed Security Services (MSS) portfolio. In partnership with privileged account security software leader CyberArk (NASDAQ: CYBR), this offering is designed to help customers more effectively mitigate the heightened risk associated with privileged accounts, enforce more consistent application of security policies, and reduce manual efforts and administrative costs.
External attackers and malicious insiders are increasingly using the broader network permissions of privileged accounts to execute complex breaches and access sensitive information. In fact, 80 percent of all targeted attacks exploited privileged accounts during the attack process.(1) These attacks are often able to take full control of an organization's IT infrastructure, disable its security controls, steal confidential information, commit financial fraud, and disrupt operations.
HPE PAM Service leverages the ten global HPE Security Operations Centers (SOCs), offshore resources, and the CyberArk Privileged Account Security Solution to help organizations address some of the biggest security challenges including: advanced targeted attacks, insider threats, malware targeted at privileged accounts, regulation and failed audits, and the outsourcing of sensitive information, assets and infrastructure. The CyberArk Privileged Account Security Solution provides a comprehensive solution for operating systems, databases, applications, hypervisors, network devices, and security appliances. It can be deployed on-premise, in the hybrid cloud and OT/SCADA environments.
"Threats targeting privileged accounts are increasing in frequency, complexity and scope, making it critical for organizations to gain control and visibility of this key user group's activity," said Art Wong, senior vice president and general manager, HPE Security Services, Hewlett Packard Enterprise. "The full-service HPE Privileged Account Management offering backed by CyberArk technology provides organizations with the means to effectively mitigate their risks of both external and internal attacks on privileged accounts, as well as maintain compliance."
HPE PAM Service is integrated with the HPE Identity and Access Management (IAM) Service to address the growing challenges of IAM, thus improving efficiency and saving costs. In addition, as part of the C3 Alliance, HPE and CyberArk also offer proven and tested bi-directional integrations between the HPE ArcSight SIEM platform and the CyberArk Privileged Account Security and Privileged Threat Analytics solutions. The integration provides joint customers with detailed privileged account activity intelligence and actionable alerts on anomalous behavior in HPE ArcSight where it can be correlated with other indicators to quickly identify and disrupt the most critical in-progress attacks.
"Privileged accounts provide tremendous access to sensitive information and infrastructure that can take down an entire organization if compromised by attackers," said Adam Bosnian, executive vice president, global business development and head of the C3 Alliance, CyberArk (@CyberArk). "This partnership combines CyberArk's proven, innovative Privileged Account Security Solution with HPE's comprehensive global Managed Security Services portfolio to proactively manage privileged user and account risk and combat this growing challenge."
Benefits & Impact
The newly introduced HPE PAM Service offering features numerous enterprise security benefits, including:
- Protection against cyber attacks - Lock down privileged accounts and secure sessions to prevent malware infection at the endpoint, lateral movement, and attack escalation to stop attack progression.
- Visibility - Control of administrative access to a wide range of systems and infrastructures, from accounts on operating systems, databases, middleware and applications, to network devices and SaaS applications.
- Compliance Support - Fully auditable system that supports stringent needs of highly regulated industry sectors, such as providing auditors with detailed privileged access reports. By 2017, analysts predict that more stringent regulations around control of privileged access will lead to a rise of 40% in fines and penalties imposed by regulatory bodies on organizations with deficient PAM controls that have been breached.(2)
- Consistency & Accountability - Seamlessly enforcing consistent password policies across the enterprise. Anonymous use of credentials is eliminated across the enterprise and auditable controls tie people to their actions.
- Efficiency - Password policies enforcement and secured, centralized, and automated password management for administrative, service, and application accounts.
The HPE PAM Service is currently available to customers as part of the HPE Managed Security Services (MSS) portfolio, which delivers an extensive security service management process and in-depth consulting expertise to define, implement and manage a resilient security program.
About HPE Security
HPE Security helps organizations protect their business-critical digital assets by building security into the fabric of the enterprise, detecting and responding to advanced threats, and safeguarding continuity and compliance to effectively mitigate risk. With an integrated suite of market-leading products, services, threat intelligence and security research, HPE Security empowers organizations to balance protection with innovation to keep pace with today's idea economy. Find out more about HPE Security at https://www.hpe.com/us/en/solutions/protect-digital.html.
About Hewlett Packard Enterprise
Hewlett Packard Enterprise is an industry leading technology company that enables customers to go further, faster. With the industry's most comprehensive portfolio, spanning the cloud to the data center to workplace applications, our technology and services help customers around the world make IT more efficient, more productive and more secure.
This document contains forward-looking statements within the meaning of the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. Such statements involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of Hewlett Packard Enterprise could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including any statements of the plans, strategies and objectives of Hewlett Packard Enterprise for future operations; other statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include the possibility that expected benefits may not materialize as expected and other risks that are described in Hewlett Packard Enterprise's filings with the Securities and Exchange Commission, including but not limited to the risks described in Hewlett Packard Enterprise's Registration Statement on Form 10 dated July 1, 2015, as amended August 10, 2015, September 4, 2015, September 15, 2015, September 28, 2015 and October 7, 2015. Hewlett Packard Enterprise assumes no obligation and does not intend to update these forward-looking statements.
(1) CyberArk Threat Report, "Privileged Account Exploits Shift the Front Lines of Cyber Security," November 2014.
(2) Gartner "Market Guide for Privileged Access Management," May 2015.
Hewlett Packard Enterprise