Non-Persistent Administrative Access Guidelines

Definitions

CyberArk Privilege Cloud enables organizations to securely store, rotate, and isolate privileged credentials, monitor sessions, and deliver scalable risk reduction to the business.

IT Resources include computing, networking, communications, application, telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and related materials and services.

Guidelines Statement

• CyberArk-licensed system administrators who use and manage IT Resources must use CyberArk for remote login and administrative access to servers (RDP, SSH, SFTP) in any of Fordham University’s PROD AD domains.
• Licensed system administrators must set up an account to organize credentials and associated administrative accounts (i.e., A-) by accessing https://fordhampcloud.cyberark.cloud after the onboarding email from CyberArk is received and accepted.
• Licensed system administrators can:
  • View and manage their inventory of privileged accounts and credentials, and
  • Isolate privileged sessions to prevent unauthorized access to sensitive data.
• Contact Application and System Security at [email protected] with questions about CyberArk or assistance setting up an account.
• If direct access (e.g., temporary vendor or admin) to the server is required, necessitating a bypass of CyberArk, a service ticket for approval can be created via the Fordham IT Service Portal.

Revision History