Security Fundamentals

Compromising privileged accounts is a central objective for any attacker, and CyberArk Privilege Cloud is designed to help improve your organization’s ability to control and monitor privileged activity. As with any security solution, it is essential to secure Privilege Cloud to ensure the controls you have implemented are not circumvented by an attacker.

The controls described in this document are the minimal requirements for protecting our services and products, and therefore your privileged accounts. Consolidated by our team, these controls reflect our experience in implementing industry best practices when supporting our customers. The requirements are also based upon analysis of various reports made by companies that experienced a security incident and other research data generally available in the industry.

It is imperative that you follow as many of these steps as possible in your environment, recognizing there may be other methods that you might want to use based on your organization’s expertise. Review your CyberArk services and deployments on a regular basis to ensure it complies with industry best practices, including those outlined in this topic. For questions or assistance with designing and implementing these controls or support in reviewing your deployment, contact your CyberArk or partner representative.

For more information see the CyberArk Privilege Cloud security datasheet.

Requirements for protecting your CyberArk deployment