In this session, we will discuss the efficiencies you can find using UiPath and CyberArk technologies.
Topics covered:
Efficiencies with UiPath and CyberArk
Maturing your automation program
Implementing security controls for automation
Scalability
Automate privileged access
o Protecting privileged credentials
2. Diana Gray
Senior Community Marketing
Manger, AMER @UiPath
Meet the Team
Brian Carpenter
Joshua Gregory
Jeremy Patton
Stuart McEntee
Polo Perez
Sales Engineer @UiPath, Inc.
Senior Presales Technical
Consultant @UiPath, Inc.
Solutions Engineer – DevOps
@ CyberArk
Sales – Secrets Manager
Sales Specialist @ CyberArk
Senior Director of Business
Development @ CyberArk
3. About today’s meeting:
• Welcome to the UiPath and CyberArk Webinar Sessions
• We will be recording these sessions, so please keep yourself on mute unless
the speaker ask if you have any questions.
• The recording will be available tomorrow and I will put the url in chat, where
you can find it under the wrap up tab at the top of the page.
• You are encouraged to put any questions that you have in chat
• These sessions are designed for you to engage with us on topics that interest
you, so please let us know your thoughts and feel free to share your
experiences during the Q&A session.
• If you have any additional topics that you want us to cover, please email me @
diana.gray@uipath.com
4. Agenda
• Value of Leveraging CyberArk with UiPath, recap
• Efficiencies with UiPath and CyberArk
• Barriers to Automation
• Eliminating Manual Activities
• Benefits of Centralized Credential Storage
• Data Handling Best Practices for Bots
• Bot Oversight
• Secrets Manager
5. • Left unmanaged and unprotected, privileged
credentials can transform RPA into a backdoor for bad
actors to access corporate IT infrastructure
• Bad actors can access same systems, applications
and data as software robots using acquired privileged
credentials
• Login process appears genuine, making detection of
suspicious activity unlikely
• Bad actors can manipulate, compromise and exfiltrate
confidential or commercially sensitive information
• Bad actors tend to make lateral moves to other
systems and applications, further penetrating an
organization's infrastructure
• Compromised privileged credentials can lead to
financial losses, reputational damage and diminished
customer loyalty
6. Allow security and development teams to
dynamically manage the applications’
secrets required to access resources and
services across hybrid and multi-cloud
environments without impacting agility.
Privileged credentials are often called “SECRETS” and refer to a private piece of information that
acts as a key to unlock protected resources or sensitive information in tools, databases,
applications, containers, DevOps and cloud-native environments.
SECRETS MANAGER GOAL
6
Human Access
Non-Human
Access
1 person
45 apps/tools
workloads
service accounts
Cloud- Hybrid Cloud
Data Center
Kubernetes
RPA CI/CD
Scripts Containers
Vulnerability Scanner
Home grown apps
SolarWinds
Octopus
Codecov
Uber
Stuart McEntee, CISSP
CyberArk Secrets Manager Specialist
stuart.mcentee@cyberark.com
www.cyberark.com
SEC Ruling:
https://www.sec.gov/news/press-release/2023-139
7. 7
Key
Benefits
Developers
Simplicity: Native
integrations simplify
securing DevOps tools,
CI/CD, ISV to zOS and
everything in between.
Security
Robust Security:
Centralized management,
rotation, audit and strong
authentication ensures
workloads securely access
to secrets.
Operations
Efficiency &
Availability: Architected
to ensure secrets are
always available when
and where they are
needed.
Secrets
Hub
…Not a single product or one-time event
9. 9
MOST COMPLETE &
EXTENSIBLE IDENTITY
SECURITY PLATFORM
BROADEST INTEGRATION
SUPPORT
IDENTITY SECURITY
INNOVATOR
PROVEN EXPERTISE IN
SECURING IDENTITY
• Manages secrets for apps,
automation scripts, non-human
identities AND human users
• Centralized secrets management
• 200+ integrations with top DevOps
tools, platforms and COTS apps
• Work with partners and open-source
communities to certify and expand
• Secrets rotation with zero downtime
• Zero /minimal code changes for
devs, e.g., ASCP, Secretless
• Data segregation with centralized
management
• Entire company focused on security
• Expert in partnering with security
teams
• Trusted by over half Fortune 500
ARCHITECTED FOR THE
MODERN ENTERPRISE
• High availability architecture
• High performance & scale -
unique read-only follower
architecture
• Innovative solutions for securing
mission critical legacy apps
SECRETS MANAGER
ALIGNMENT TO
CYBERARK
DIFFERENTIATORS
10. 10
Credential
Management
Now we highlighted the importance
of bot identities, it’s mandatory to
periodically check and maintain
all accounts’ permissions
and configurations
Credential manager
All accounts should be stored in a common credential manager that allows each team
member to access required dev/prod accounts based on their team role
(dev, support, business analysts)
Periodically change account passwords to enhance
security and compliance guidelines
Regularly rotating account passwords limits risks of sharing or leaking
Some processes might have been decommissioned
and the associated account is no longer required
This can be easily tracked with an Internal Process Inventory that contains real-time
production processes information like name, deployment location, accounts used etc.
13. Efficiencies with UiPath and CyberArk
• UiPath and CyberArk together
improves efficiency
• Combines RPA with privileged
access management
14. Cost Savings
• Software robots process tasks faster than
humans resulting in cost savings
• RPA can help organizations take
advantage of early payment discounts
• Working at a faster pace enables
additional process-specific savings
15. Scalability and Efficiency
• Robots work around the clock, and RPA
processes can be scaled easily across
countries and business units
• Software robots carry out tasks faster and
at a steady rate for as long as required
• Robots could help organizations speed up
the processing of everyday tasks
16. The Importance of
Supporting Automation
• Enterprises must support and encourage
automation to stay competitive
• 68% of workers believe that automation
makes them more productive
• Providing a secure framework for
automation is crucial for success
• Stronger security must be baked into
automation efforts
17. The Five Barriers to
Automation at Scale
1. Hard-coded credentials make bots
vulnerable to attacks
2. Hard-coded credentials are difficult to
rotate, exposing critical systems to risk
3. Vulnerabilities in bots with hard-coded
credentials create a larger attack
surface
4. Retrieving credentials from a bot is just
the first step in an attacker's access
5. Using the same password in multiple
locations can allow lateral movement
through the organization
18. Eliminating Manual
Credential Rotation
• Credentials need to be rotated on a
regular basis to reduce the time frame in
which privileged credentials can be used
• Credential rotation is crucial for bots, but
it poses a challenge for automation
engineers and operations teams when
performed manually
• Automatic rotation is a better alternative
to manual rotation as it establishes
policies for how credentials should be
rotated
19. The Benefits of Centralized
Credential Storage
• Storing credentials in a centralized repository
ensures consistent policies across bots and
applications
• This makes it easier to find and manage
credentials, reducing the risk of loss or
compromise
• More advanced credential management solutions
automate the removal of inactive credentials,
improving operational efficiency
• Citizen developers can follow security best
practices, simplifying the process of granting bots
access to necessary credentials
• By enforcing strong password management
practices, the entire organization can be held to
the same standard of security
20. Data Handling Best
Practices for Bots
• Bots should only access necessary applications or
databases to prevent compromised bots from
escalating credentials
• Limiting data access is good practice to prevent
exposure of customer data
• Access restriction is especially important for bots
handling confidential data
• Limiting access to necessary data is crucial for
unattended bots
• Bots from one department accessing data from
others increases risk if compromised by attackers
• Aligning bot deployment with security practices
enables digital business and accelerates RPA
deployment
21. Complete Oversight and
Auditability of Bots
• Bots have administrative access and need
to be monitored
• Audit logs of RPA tools are not always
suited for security purposes
• A robust audit log provides valuable
insight
• Centralized view of audit logs simplifies
investigative analysis
22. Main Features of CyberArk
Secrets Manager
• Integrates with UiPath to improve efficiency
• Secures privileged identities in a tamper-resistant
repository
• Seamlessly secures retrieval and granting of
credentials to individual robots
• Automates credential rotation in line with
organizational policy
• Secures vaulting and management of privileged
account credentials
• Minimum password complexity for all credentials
• Isolation, control, monitoring, and recording of all
privileged activity
23. Summary of
Presentation
• Efficiencies with UiPath and CyberArk
• Barriers to Automation
• Eliminating Manual Activities
• Benefits of Centralized Credential
Storage
• Data Handling Best Practices for Bots
• Bot Oversight
25. Learning Objectives
Access additional resources
Guide your customers and prospects through how to set up an
enterprise automation program the “right way”
Show your customers what good looks like and the impact that
UiPath can have on their business
Know how to intervene with customers who have not setup their
programs correctly
26. There are 5 critical things to get right to
maximize the value of an intelligent
automation program
STRATEGY & ALIGNMENT
Right reasons
1
VALUE IDENTIFICATION
Right demand
2
DESIGN & STRUCTURE
Right program
governance & execution
3
VALUE REALIZATION
Right accounting
4
CHANGE MANAGEMENT
Right communications
5
27. STRATEGY & ALIGNMENT
Elements What Good Looks Like Signs of Mis-alignment
• Existing business goals and strategies
provide automation program focus
and priorities
• Business leaders drive the
automation program
• IT is a required partner supporting
delivery
• Business measures impact of
program against strategic goals
• Business + IT partnership
• The goal is “digital transformation”
• Target number of processes to
automate
• Program lead define “locally
optimized”goals and measures
Automation is a means to an end
Right reasons
1
PLANNED BUSINESS OUTCOMES
& MEASURES
BUSINESS GOALS & STRATEGIES
1
0
1
0
1
0
1
0
1
0
1
0 1
0 1
0
1
0
1
0
1
0
1
0
0
0
1
0
1
0 1
0
0
1
0
1
0 1
0
1
0
0 1
0
Digital automation enablement
28. VALUE IDENTIFICATION
Elements What Good Looks Like Signs of Mis-alignment
• Pipeline opportunities are assessed
against business goals for
prioritization
• Governance to enforce alignment
• Discovery Team + Technology
• Top opportunities are material against
business strategy and goals
• Discovery team performs opportunity
identification with business leadership
• Discovery technologies produce
additional data-driven opportunities
• Crowdsourcing / Roadshows utilized to
build awareness and Citizen
Development pipeline
• Program team (COE) or IT is trying to
sell the capabilities of automation to
the business
• Attempts to “crowdsource”ideas
from all employees as the main
method to build pipeline
Business Goals drive the“Pipeline”
Right demand
2
Business Analysts
(via Bus Leaders)
Business Team /
Citizen Developers
Automated
Discovery
SOURCES OF DEMAND BUSINESS VALUE FILTER PRIORITIZED AUTOMATION PIPELINE & ROADMAP
• Business value measures
• Automation potential
OPPORTUNITY PORTFOLIO VALUE ROADMAP
29. DESIGN & STRUCTURE
Elements What Good Looks Like Cautions
• Team structure and size is aligned
against a robust pipeline of
opportunities
• Pipeline opportunities move to
delivery <3 months of being
submitted
• Existence of dedicated production
support / BAU pod
• Agility to scale – new pods within a
few weeks
• Opportunities languishing in pipeline
resulting in business disengagement
• All internal resources – no ability to
quickly scale or retain talent
Design the organization to fit the
objective
Right program
governance & execution
3
FACTORS TO CONSIDER WHEN DESIGNING YOUR DELIVERY TEAM
30. VALUE REALIZATION
Elements What Good Looks Like Mis-alignments
• Automation value is anchored to
business unit objectives and
measures
• Each automation project’s value is
jointly agreed to by business unit and
automation team in advance
• Reporting
• Dashboards & reports
• Steering Committees
• Program Evolution
• Quarterly Program Assessments
• Value Realization
• Achievement accountability
• Traceability to top-level metrics
• Automation team tracks “counts”
rather than value
• Business cannot articulate the value
of automation
Value only recognized by the
business
Right accounting
4
VALUE ACCOUNTING
CATEGORIES & METHODS
• Cost
• Quality
• Speed
• Experience
• Risk / Compliance
• Revenue
PLANNED VS. ACTUAL BUSINESS
OUTCOMES & MEASURES
Planned Actual
Actual
Planned
Steering Committee
Business Leaders
Functional
Teams
BUSINESS LEADER & STAKEHOLDER
REVIEWS