Password Management for Hybrid IT

Centrify Privileged Access Management:
A Modern Vault for Your Cloud Transformation

The vault is a foundational component of any sound Privileged Access Management (PAM) strategy. With organizations extending IT infrastructure from the data center to the cloud — often, multiple clouds — it’s critical that the vault is up to the challenge. Cloud transformation demands a vault that quickly and easily adapts to secure privileged access for cloud infrastructure without leaving security gaps.

computer with clouds

Accelerated Cloud Transformation Projects Introduce Risk

Cloud transformation is not a new phenomenon, but projects have greatly accelerated due to the COVID-19 pandemic. The business drivers have not changed — agility, cost savings, and performance – but the speed at which you are moving workloads to the cloud has. The result for IT and security teams is a scramble to maintain control of privileged access in a dynamic environment to prevent security breaches across the hybrid IT infrastructure.

Many organizations have had a vault in place for years, but not all were built for the cloud. As you migrate workloads to the cloud rapidly, IT struggles to extend legacy vaults to protect privileged access to those workloads as they go live.

Let Centrify Help

Centrify Vault Suite is the modern vault delivered from the cloud for the cloud. It was the industry’s first multi-tenant PAM-as-a-Service designed to address cloud transformation use cases. It provides core vault capabilities, such as account discovery, shared account password management, password rotation, privileged sessions to infrastructure, and session monitoring. However, it also uniquely secures privileged access across hybrid IT infrastructure and cloud-hosted workloads.

With Centrify PAM, you can:

Secure and Simplify

Establish one vault as part of a comprehensive privileged access management strategy that spans on-premises and hybrid cloud infrastructure. Centrify implemented a hub and spoke model to support cloud transformation and distributed IT infrastructure. This eliminates the need to introduce new vaults or devise complicated and fragile synchronization schemes. The Centrify Vault Suite is the hub and is a SaaS service — always available from anywhere. It runs in the cloud, leveraging AWS or Microsoft Azure for massive scale, reliability, and performance. Centrify’s lightweight connectors are spokes that attach your infrastructure, wherever it lives, to the Centrify Vault Suite to secure privileged access across hybrid IT.

Rapidly Vault Passwords for New Systems

Quickly access a full-featured vault available as a SaaS offering managed by Centrify. Centrify Vault Suite takes less than thirty minutes for Centrify’s Operations Team to provision a tenant for a new customer. Deploying a Centrify Gateway Connector and connecting it with the Vault Suite takes less than fifteen minutes. In under an hour, you are ready to automate the discovery of hybrid infrastructure and bring local privileged accounts under management.

Easily Accommodate a Remote Workforce and Outsourced IT

Centrify Vault Suite is accessible from anywhere, without a VPN, via a Web browser or the Centrify Mobile App. IT organizations use federated privileged access for outsourced IT. They don’t have to create new identities that expand their attack surface but rely on the outsourcing service to manage their employees in their corporate directory. Secure remote access is granted to a targeted set of infrastructure through the Centrify Vault Suite, eliminating the risk of full VPN access and removing the need to connect unsecured laptops directly to the network.

Manage Your Cloud Provider Environments

Securing access to cloud provider environments requires attention at two levels — the native management console and your virtual systems in VPCs and VNets. The root/billing account represents a significant risk. You must vault it, making it available for emergency use only, and have password rotation automated. Instead of creating local cloud provider IAM accounts for your users, enable SAML-based federated login from the vault for a streamlined experience, simplified administration, and a reduced attack surface. Auto-discover virtual instances and bring them under centralized management, so you always have complete visibility into your workloads and consistent, blanket access controls.

Ready to Protect Against the #1 Attack Vector?

Click here for more information about our products, pricing, demos, and more.

Contact Us