How does CyberArk EPM handle risky applications?

CyberArk Endpoint Privilege Manager (EPM) addresses the challenges posed by risky applications by placing them under tighter control. This approach recognizes that while some applications may present security vulnerabilities or risks, they are often necessary for business operations. By controlling these applications, CyberArk EPM can enforce policies that restrict their usage in ways that mitigate potential risks without eliminating their functionality altogether.

This tighter control can take various forms, such as monitoring application behavior, restricting access based on user roles, applying application whitelisting, or limiting certain actions within the application. Such measures help ensure that while users can still perform their tasks, the organization remains protected from the risks associated with these applications.

In contrast, ignoring risky applications would increase the organization's vulnerability, while removing them entirely could disrupt business processes that depend on those applications. Promoting their use would counteract the security measures that EPM aims to implement. Consequently, the choice to place risky applications under tighter control is a balanced approach that enhances security while allowing necessary business functions to continue.