Centrify
Centrify Privileged Access Service
Cloud-ready Zero Trust Privilege
Over the last years, it’s become evident that cyber-attackers are no longer “hacking” to carry out data breaches — they are simply logging in by exploiting weak, stolen, or otherwise compromised privileged credentials. To add to this challenge, the attack surface of organizations has changed dramatically. Privileged access nowadays not only covers infrastructure, databases, and network devices, but is extended to cloud environments, Big Data, DevOps, containers, and more. Considering both internal and external identitybased threats, IT organizations must take a first step towards Zero Trust Privilege by vaulting away shared account or application passwords, as well as secrets. With the rise of mobile workforce, outsourced IT, and third-party contractors, it is also vital to secure remote access and avoid infections during remote sessions.
The Centrify Privileged Access Service allows organizations to establish the core privileged access controls across their growing attack surface. Vaulting away shared account passwords, application passwords, and secrets is just one of the best practices to secure privileged access across the modern, hybrid enterprise. Managing the vaulted credentials, leveraging secure administrative access via a distributed local jump box, establishing VPN-less privileged session to remotely access targeted infrastructure, and implementing multifactor authentication are at the root of reducing threats, intentional or not. The Centrify Privileged Access Service grants access from a Web UI or mobile app and is available as a cloud-based service or customer-managed deployment on-premises. It covers your entire attack surface, both on-premises and in the cloud. The service even helps organizations to increase workstations’ security posture by minimizing the attack surface and controlling privileged access. Organizations can eliminate for example the use of static local admin passwords on workstations through password rotation and time-bound privileged access provided by Local Administrator Password Management (LAPM).