Centrify Privileged Access Management:
Access Management and Security for the Remote Workforce and Third Parties
The number of inroads to our critical business systems and data is increasing rapidly. We’re outsourcing software development, giving remote access to data center and cloud-hosted dev and prod environments. We’re outsourcing IT admin functions, providing third-party vendors access to manage and troubleshoot systems and applications. Due to the pandemic, entire workforces are now remote, connecting daily to internal systems to do their jobs.
Remote Access Increases Risk, Operational Overhead, and Friction for Users
Traditional VPN-based login is cumbersome and help-desk intensive. A compromised VPN account can also put the threat actor on the network, facilitating lateral movement and allowing workstation viruses and malware to spread. Without centralized access management, there are multiple points of ingress. This wide-open approach leads to significant gaps in security and compliance, a bigger attack surface, and frustration for users.
Let Centrify Help
You need a modern PAM solution to act as a centralized, secure gatekeeper to all your IT assets while simplifying remote access. Shut down multiple inroads into your hybrid IT infrastructure and instead give users a simple, SaaS-based portal accessible from anywhere. Avoid VPNs and centrally control login to distributed IT infrastructure through a trusted and “clean source” that governs asset visibility and controls access via centralized policies and roles. Enforce “least privilege access” to align with Zero Trust and zero standing privileges models. Leverage adaptive MFA and just-in-time access requests to further mitigate risks.
With Centrify PAM, you can:
Minimize Potential Attack Vectors Used by Hackers, Disgruntled Workers, and Malware
Align with Zero Trust and zero standing privileges best practices and discard routine use of shared privileged accounts. At the core of Centrify PAM is a least privilege access control model that supports granular role-based access to individual applications and commands on the host systems.
Enable Just-In-Time Access for a Limited Time
Least privilege means granting users minimum rights by default. Users can request elevated privileges just-in-time through Centrify PAM’s self-service approval workflows. Elevated rights are temporary, automatically expiring to re-establish the least privilege state.
Increase Identity Assurance with Adaptive MFA
Use MFA for additional proof of identity. Adaptive MFA looks at context and prior behavior to avoid bothering the user if the assessed risk is low.
Audit Everything and Know Who Did What
Audit all privileged user activity across your systems (Windows, Linux, and UNIX) and network devices. Ensure individual accountability for privileged account access, eliminating anonymous access. Improve forensic detail with shell- and process-level auditing on the host systems that attackers cannot bypass. Record each session for complete visibility.
Quickly Meet Compliance Requirements
Report on “who has access to what” and “what did they do with that access” across all your IT systems. Include detailed privileged session recording for visual proof that controls are in place and effective.
Let Outsourced Vendors Manage the Identity Lifecycle of Their Employees
Avoid having to manage third-party contractor identities yourself. With SAML-based federation, Centrify PAM enables secure token-based login to Centrify Vault Suite from any number of partners.