Battle Cards - MyCena

	IAM, PAM, SSO, password managers	MyCena Encrypted Access Management
Knowledge of Passwords	Yes Employees /contractors/ interns generate their own passwords to access systems such as intranet, remote IT and OT access, web and local applications, databases, legacy applications (mainframe), servers, connected devices…	No Company manages and distributes highly secure encrypted passwords for each system to employees, which they use as keys.
Password Strength	Weak Ex: Password123, admin Reused passwords	Strong Passwords like *QLf0sf 7D£bShX#Wbqj-2-CiQS** are generated by MyCena console
Risk Of Password Theft	High Password phishing, password fraud, password sharing Passwords kept in clear text in notes	Low Employees can’t know, disclose, share, write or type passwords No risk of password phishing, password fraud, weak and reused passwords
Access Segmentation	No A single password or identity simplifies passwords for employees Employees reuse passwords	Yes Different passwords for each system
Access Layers	No All passwords in the same basket behind a single access ( password or identity)	Yes Passwords are stored in different levels Bronze, Silver, Gold) according to their sensitivity
Password Resets	Yes 56% of people forget passwords at least once a month Password burn, absenteeism, productivity loss	No People can’t forget passwords they don’t know
Access Flexibility	No Cannot be used on all systems, e.g., legacy systems	Yes System agnostic, can be used for legacy systems, credit cards, IT, IoT, OT, SOC… MyCena can develop new integrations (review on demand)
Governance	No No visibility on shared, leaked or stolen single access until it has been exploited	Yes Full visibility over credentials events in real time in GRC
Risk Of Lateral Movement, Privilege Escalation, Ransomware, Supply-chain Attacks	High From one breach, hackers can use access to move laterally, find other passwords, privileged access, exfiltrate data, lock files, launch a ransomware attack, publish sensitive data, attack the supply chain…	Low If a criminal enters the network through a vulnerability or supply chain, access segmentation and encryption prevents the criminal from finding any other password, moving laterally and escalating their privileges, limiting the infiltrated area, espionage, exposed data, service interruptions, risks of ransomware, extortion, and further spreading to the supply chain.
Password Expiry	No People reuse passwords across all accounts	Yes Passwords deleted with employee account
Blocks Save Passwords In Browser And Windows Clipboard	No	Yes
One-click Access ( Automatic Transport Of Passwords Without Typing Or Seing Password)	No	Yes
Integration With Infrastructure Protocols (Telnet, SSH, RDP, Etc.), Websites (Http/Https), Local And Legacy Applications	No	Yes
Integration Of GRC Module With Syslog Solutions (SIEM, Splunk)	No	Yes
Centralized Credentials Management	No	Yes
Credit Card Module	No	Yes