CyberArk Endpoint Privilege Management
- Guillermo Fernandez
- Casey Gorman
What is CyberArk Endpoint Privilege Management (EPM)?
CyberArk Endpoint Privilege Management (EPM) is a security solution designed to enforce the principle of least privilege on endpoint devices. It ensures that users and applications only have the permissions they need to perform their tasks, reducing the risk of unauthorized access and potential security breaches.
EPM also provides a secure way to grant elevated permissions when necessary, enabling the university community to perform their specific duties without compromising security. By limiting excessive privileges, EPM minimizes vulnerabilities and protects sensitive information.
How EPM Enhances Security
With CyberArk EPM, users can continue performing essential tasks but may need to verify their identity for specific actions requiring elevated privileges. This additional layer of security helps safeguard personal and institutional data from being stolen or misused.
Changes to the User Account Control (UAC)
The User Account Control (UAC) is a built-in Windows feature that prompts users to confirm or approve changes requiring administrative rights. Think of it as a safeguard that asks, "Are you sure you want to do this?"
With the implementation of CyberArk EPM, the UAC process has been enhanced:
New Appearance:
Instead of the default UAC pop-up, you’ll see a redesigned window provided by CyberArk EPM. This updated interface offers a consistent and secure experience.
Multi-Factor Authentication (MFA):
For certain high-privilege actions, you’ll need to verify your identity using MFA. This typically involves providing an additional form of authentication, such as entering a code sent to your phone, ensuring only authorized users can proceed with sensitive tasks.
These changes enhance security while maintaining ease of use, helping protect the university's digital environment from unauthorized access and threats.
