With the CHRONOS CyberArk module, all database connection data to stored databases can be read from CyberArk, centrally secured.
Secrets management is a best practice in the cyber security industry to enforce security policies for non-human identities. Companies can be sure that only authenticated and authorized users can access resources. A web service interface to the CyberArk Identity Security Platform's Secrets Query has been integrated into CHRONOS to implement this security strategy. This means that no sensitive database access data needs to be stored in CHRONOS and there is no need to change passwords.
Advantages of Secrets Management:
- Centralization: Secrets management is automated and centralized.
- Restricted access: Access to secrets is restricted to applications/tools/processes.
- Encryption: All secrets are stored in encrypted form.
- Validity period: Secrets can be limited in time.
- Monitoring: All interactions are recorded.
-
- Example:
CHRONOS configures a database connection with an encrypted password. With the CyberArk interface, passwords and user names are no longer stored. Only the interface and ApplicationID are required. CHRONOS starts a request for a specific ApplicationID via CyberArk and wants to know the current user name and password. CyberArk itself checks whether CHRONOS is authorized to receive this information for the ApplicationID.
After verification, CHRONOS is granted access to the database.