CyberArk Endpoint Privilege Manager (EPM)

CyberArk Endpoint Privilege Manager (EPM) helps organizations reduce malicious attacks by removing local administrative privileges for business users and controlling IT administrator privileges on Windows Servers based on role. CyberArk also enables organizations to closely monitor all applications within the environment. Previously approved, or whitelisted, applications may seamlessly run, malicious applications can be immediately blocked, and unknown applications can be “greylisted” and restricted, pending further analysis.

 

Benefits:

  • Reduce the attack surface by removing local administrator privileges and preventing malware from entering the organization

  • Enable organizations to remove everyday local administrator privileges from business users without impacting user productivity or driving up help desk costs

  • Enable organizations to segregate duties on Windows Servers to strengthen security and reduce the risk of intentional or accidental damage to critical systems

  • Enable users to seamlessly run whitelisted applications

  • Maintain user productivity while IT teams investigate unknown applications

  • Accelerate threat detection by integrating with automated sandboxing tool such as the Campus Palo Alto Networks solutions

  • Accelerate remediation by providing visibility into every instance of a malicious application in the organization and blocking malware from running


Installing Software on your University Computer:

There will be a defined set of approved (whitelisted) software that you will be able to install on your University computer at any time. This will be common applications such as Microsoft Office, Windows Updates, Java, allowed web browsers plus more. If you want to install new software and this software is not the whitelist, you won't be able to install it without providing a business reason as to why it is needed. Information Services System Administrators will receive the request and assess the software to determine its validity.  Information Services System Administrators may contact you for further clarification or Departmental approval to use the software.

Business Reasons need to be detailed. Here are a couple of examples:

  • I need to install "My Application" in order to run statistical analysis on my data. I bought this software and have a license for it. 

  • This is the new version of "My Application" which is used to do graphical representations of data. I bought this software and have a license for it.

 

Example fo pop up box for entering justification:

Cyberark.jpg

The request will be reviewed by an IS Administrator to determine validity and to ensure it’s not malicious. Our goal is to review the justification/software and reply back within an hour to grant or deny the installation.

Related University Controls:

User Installed Software: http://cio.tamu.edu/Risk_Management_Policy/IT_Policy/PDFs/CM11_User-Installed_Software.pdf

Malicious Code Protection: http://cio.tamu.edu/Risk_Management_Policy/IT_Policy/PDFs/SI3_Malicious_Code_Protection.pdf

Rules For Responsible Computing: http://rules-saps.tamu.edu/PDFs/29.01.03.M2.pdf