Centrify is redefining the legacy approach to Privileged Access Management by delivering multi-cloud-architected Identity-Centric PAM to enable digital transformation at scale. Centrify Identity-Centric PAM establishes trust, and then grants least privilege access just-in-time based on verifying who is requesting access, the context of the request, and the risk of the access environment. Centrify centralizes and orchestrates fragmented identities, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse.
Centrify is also the only pure PAM provider to achievefor its Privileged Access Service, allowing government agencies to adopt Centrify’s cloud-ready service solutions and bolster mission security as they migrate an increasing amount of workloads to the cloud.
Cloud-ready Zero Trust Privilege is designed to handle the rudimentary use case of privileged access management (PAM), which lies in granting access to privileged user accounts via a shared account, password or applications password and secrets vault, as well as securing remote access. Centrify Privileged Access Service allows for all of the above as well as secure administrative access via jump box, workflow-driven access requests and approvals as well as multi-factor-authentication (MFA) at the vault.
Cloud-ready Zero Trust Privilege is designed to handle requesters that are not only human but also machines, services and APIs. There will still be shared accounts, but for increased assurance, best practices now recommend individual identities, not shared accounts, where least privilege can be applied. Centrify Authentication Service allows properly verifying who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.
Centrify Privilege Elevation Service minimizes the risk exposure to cyber-attacks caused by individuals with too much privilege. The service allows customers to implement just enough, just-in-time privileged access best practices and in turn limiting potential damage from security breaches.
For privileged sessions it is best practice to audit everything. With a documented record of all actions performed it not only can be used in forensic analysis to find exactly the issue and attribute it to a specific user and session. Because these sessions are so critical it is also best practice to keep a video recording of the session that can be reviewed or used as evidence for your most critical assets or in highly regulated industries. With the Centrify Audit and Monitoring Service monitoring and session recording can be achieved through either a gateway-based and/or host-based technique. Advanced monitoring capabilities even allow for process launch and file integrity monitoring.
Cyber adversaries are getting more and more sophisticated and therefore it is best practice to apply multiple security layers when protecting against privileged access abuse. Today’s threatscape requires security controls to be adaptive to the risk-context and to use machine learning to carefully analyze a privileged user’s behavior. Leveraging Centrify Privilege Threat Analytics Service can make the difference between falling victim to a break or stopping it in its tracks.