Many businesses today rely on remote vendors to manage portions of their IT infrastructure. To successfully carry out their tasks these external service organizations require inherent privileged access to corporate IT systems. However, extending enterprise privileged access security solutions and practices to remote vendors can be challenging when using conventional user authentication and authorization approaches.
Traditional enterprise identity management systems and access control solutions, designed to authenticate company employees and corporate-owned devices, aren’t well suited for securing third-party staff and outside devices in today’s modern world. Most businesses have little-to-no visibility or control over remote access the enterprise network. Providing corporate workstations to every vendor is not a feasible strategy for a variety of reasons and deploying VPNs or agents on another company’s laptops or desktops is often too much overhead for IT teams to manage. Alternatively, third-party staff and access requirements can change from day-to-day or week-to-week, making conventional identity management schemes based on user IDs and passwords impractical.
With a dissolved perimeter and a growing reliance on outsourced operations, enterprise IT operations and security teams alike must find innovative ways to grant external remote vendors secure access to privileged accounts without disrupting operations.
THE SOLUTION
CyberArk Alero is specifically designed to provide fast, easy and secure privileged access for remote vendors that need to access critical internal systems that are managed by CyberArk. The cloud-based, multifactor authentication provided with Alero leverages the biometric capabilities from smartphones which in turn allows authorized remote vendors just-in-time secure privileged access with a simple glance or tap of a finger. Alero eliminates the need for VPN clients, security agents or passwords that can frustrate users, add risk and create administrative headaches. Instead, remote vendors authenticate using native smartphone facial or fingerprint recognition functionality and are provisioned and authenticated for secure access to the CyberArk Core Privileged Access Security Solution via Alero. Alero integrates Zero Trust access, biometric multi-factor authentication, just-in-time provisioning and full integration with the CyberArk Core Privileged Access Security Solution for full visibility and audit for administrators, into one single SaaS solution.