top of page
Writer's pictureSandeep Pawar

CyberArk, Operation and BAU (Business As Usual) tasks

Privileged Access Management (PAM) solution. Here’s a breakdown of common CyberArk operational and BAU tasks:


CyberArk Operations Tasks


Operations tasks focus on maintaining the overall health of the CyberArk environment and ensuring its continued operation:


1. System Monitoring and Health Checks:

• Monitor the health and performance of CyberArk components such as Vault, PVWA (Password Vault Web Access), CPM (Central Policy Manager), and PSM (Privileged Session Manager).

• Check for failed services, resource consumption (CPU, memory), or storage issues.

2. User and Account Management:

• Add or remove users and privileged accounts as per the requests.

• Manage user roles, permissions, and access to CyberArk resources.

• Monitor and review users’ access and session activity.

3. Password Rotation:

• Ensure periodic password changes for managed privileged accounts using the CPM.

• Investigate any failures in automatic password rotation and troubleshoot.

4. Session Monitoring and Recording:

• Monitor privileged sessions using PSM and review session recordings for suspicious activity.

• Investigate session anomalies or unauthorized access attempts.

5. Policy Enforcement and Auditing:

• Enforce and review security policies around password complexity, expiration, and reuse.

• Run regular audits and generate reports on privileged account usage for compliance purposes.

6. Patch Management and Upgrades:

• Apply patches and updates to CyberArk components to keep the environment secure and compliant.

• Ensure compatibility between CyberArk versions and other integrated systems.

7. Backup and Recovery:

• Perform regular backups of the CyberArk Vault and other key components.

• Test recovery procedures to ensure data can be restored in case of an issue.

8. Incident Management and Troubleshooting:

• Respond to and resolve incidents, such as access issues, password rotation failures, or Vault unavailability.

• Troubleshoot issues with CyberArk components and work with support teams for resolution.


CyberArk BAU (Business As Usual) Tasks


BAU tasks refer to routine, day-to-day activities that ensure the continuous and smooth functioning of the CyberArk platform.


1. Account Onboarding:

• Onboard new privileged accounts into CyberArk Vault and apply security policies.

• Ensure proper configuration for password rotation and access controls.

2. Access Request Management:

• Handle requests for privileged account access and assign permissions based on approval processes.

• Ensure access provisioning follows security policies and company standards.

3. Password Management:

• Handle any manual password resets or assist users with password management issues.

• Ensure privileged passwords are managed and rotated per company policy.

4. Audit Log Review:

• Regularly review logs and alerts for unusual or unauthorized activity.

• Ensure all access to privileged accounts is tracked and audited.

5. Periodic Access Review (PAR):

• Perform regular reviews of privileged account access to ensure only authorized personnel have access.

• Revoke unnecessary privileges and accounts based on changing roles or needs.

6. Session Recording Review:

• Regularly review privileged session recordings for any suspicious or non-compliant activity.

• Ensure session recordings are properly stored and accessible for audits.

7. User Support:

• Provide support for users experiencing issues with CyberArk, such as login issues, password reset requests, or session problems.

• Assist users in resolving MFA (Multi-Factor Authentication) issues or connection problems with PSM.

8. Report Generation:

• Generate and review reports on privileged account usage, password status, and system activity.

• Provide reports for internal audits or compliance reviews.

9. CyberArk Policy Updates:

• Modify password and access policies in CyberArk based on updated security policies or audit findings.

• Adjust onboarding and offboarding workflows for privileged accounts as per policy changes.


Key Tools and Components in CyberArk Operations and BAU


• Vault: Central repository to securely store and manage privileged credentials.

• PVWA (Password Vault Web Access): Web-based interface for users to interact with the Vault.

• CPM (Central Policy Manager): Automates password management tasks, such as password rotation.

• PSM (Privileged Session Manager): Monitors and records privileged sessions.

• SIEM Integration: For sending CyberArk logs and alerts to a SIEM for further analysis.


Both operational and BAU tasks are essential for ensuring CyberArk is functioning properly and maintaining the security of privileged access within an organization.

341 views0 comments

Recent Posts

See All

Comments


bottom of page