What is our primary use case?
We are using this product for our privileged identities and account management. We have some accounts that we consider privileged, the ones that have access to systems, software, tools, and our database and files and folders, etc. We try to maintain these accounts safely and try to grant access to these systems securely. We try and manage other non-human accounts that are DBAs, DB accounts, etc., through CyberArk.
Another initiative for this was the PCA compliance that we wanted to meet.
We don't have many applications in the cloud, we are getting one or two now. So in the future, we plan to utilize CyberArk's secure infrastructure applications running in the cloud. It's on the roadmap. We are utilizing CyberArk's secure application credentials but not endpoints. I have only just learned about the Plugin Generator Utility, so I don't have experience with it yet. It's pretty cool. We intend to use it now.
How has it helped my organization?
One way it has improved the organization is we now have restricted access for all users to go through CyberArk. It has also enforced firewall restrictions across other places so they don't go through other means, they go through CyberArk. That brings in compliance and their account is now two-factored, so that is more compliant with PCI regulations.
The way it manages privileged accounts and managed access to privileged systems such that, right now, we are recording every session through PSM and people are more aware that the session is recorded, and they're more careful with what they do.
What is most valuable?
We are using the VSM proxy solution. That's what we are mainly using. We will try to use the PTA and AIM in the future.
What needs improvement?
I think it pretty much covers a lot of the privileged identity space, things that other vendors are not thinking about. I think they are doing a very good job. I don't have any suggestions.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
We have not had any stability issues so far. We have not had any serious downtime. We do see performance issues with PSM which gets very busy, and we just keep scaling the number of PSMs. When many people log in at the same time, we have some issues with connecting through PSM. We doubled our PSM software and it's better now.
What do I think about the scalability of the solution?
It's pretty scalable. Like I said, we just doubled our servers. If there are more users logging in, we'll probably go for a greater number of servers again.
How is customer service and technical support?
Technical support is pretty responsive and knowledgeable. We do get the right person.
What other advice do I have?
Others have spoken a lot about security hygiene and I believe that's where you should start.
l would rate CyberArk at nine out of 10. The way for it to get to a 10 is with a lot of features, the amount of cost involved in buying the product, and the PSM proxy issue that we've been facing.
In terms of important criteria when working with a vendor one thing is, as we said, getting to the right person. We go to support only if there is a critical situation where we are not able to solve it. Getting to the right person at the right time, and getting the issues resolved in a timely fashion is what we are looking for.