Over the first half of 2019, Centrify issued two research reports about the adoption of Privileged Access Management (PAM) solutions and the maturity of organizations on the path to Zero Trust Privilege.
The first report, “Privileged Access Management in the Modern Threatscape” published in February 2019, surveyed 1,000 IT decision makers in the U.S. and U.K. The main takeaway from that report is that 74% of respondents whose organization had been breached acknowledged it involved access to a privileged account. This was important because it validated Forrester’s long-held estimate that 80% of breaches involve privileged access abuse.
The second report, “2019 Zero Trust Privilege Maturity Model” published in May 2019, surveyed 1,300 organizations in the U.S. and Canada. Two of the key takeaways from that report is that 41% of organizations have a PAM maturity best described as “Non-existent,” backed by an alarming finding that 58% of organizations are not controlling privileged access with Multi-Factor Authentication.
More importantly, however, was that both surveys asked if respondents or their organizations have a password vault, one of the basic foundational elements of a sound PAM strategy. In BOTH reports, 52% responded that they do NOT have a password vault.
So, to summarize, the respondents acknowledge being breached and that in three out of four privileged access abuse was a factor, yet over half of companies aren’t taking the most basic measures such as a password vault and/or MFA to secure privileged access at their organizations.
Enough is Enough
Centrify published these reports hoping they would draw more attention to the now-clear understanding that privileged access abuse is the leading attack vector. After all, it seems that not a day goes by where we don’t read about a new data breach, no matter the size, industry, or technology maturity of the organization. And whether it’s revealed up front or months later, all too often we learn that the breach involved exploitation of a privileged credential.
Visibility wasn’t enough. Over half of these companies were exposed and at risk. It kept eating at us.
Centrify has long offered a free 30-day trial of its complete suite of cloud-ready Zero Trust Privilege solutions, for our prospects to try before they buy. Free trial offers a breadth of services ranging from a password vault and authentication to privilege elevation, threat analytics, and full monitoring and auditing capabilities.
But after learning that 52% of organizations don’t have a password vault and imploring in a webinar (with guest speaker Dr. Chase Cunningham from Forrester) for everyone to at least get a vault, we knew we had to make it easier.
Vault only, plus administrative MFA, offered as SaaS. Security without the IT project!
Keep it simple…and free.
It's Free — Go Get Our Vault
This week, Centrify announced a brand new Free Tier offering. It’s PAM-as-a-Service available on the AWS Marketplace, free for up to 50 registered systems and their associated accounts.
With our Free Tier offering you can avoid the IT project overhead that is typically associated with implementing a software-based password vault. Centrify serves over half of the Fortune 100 and over 100 U.S. Federal Agencies with our solution. Have your enterprise-grade Centrify Privileged Access Service up and running in a matter of minutes. Yes, it’s that simple.
By subscribing to the Centrify Services on the AWS Marketplace you can secure access to your hybrid infrastructure and start on your path towards Zero Trust Privilege. If you go over the 50 registered systems, the pricing is “pay-as-you-go” with no up-front contracts. Centrify’s Free Tier solution is the only password vault solution available on a metered basis.
Your subscription gives you access to the following capabilities:
- Our cloud-based password vault to discover and register all machines and then vault all shared, alternate admin and service accounts.
- Credential management to secure, auto-rotate after checkout, and control access to passwords.
- Secure remote access for IT administration teams, outsourced IT, and third-party vendors.
- Secure administrative access via Jump Box to ensure all privileged access is conducted through a clean server gateway.
- Access request and approval workflow to eliminate static and long-lived privilege grants with context that can more accurately enforce least privilege.
- Multi-Factor Authentication at system or vault login, or during privilege elevation, to reinforce security policies and enforce Zero Trust.
- Brokered Authentication extends enterprise authentication to your Amazon EC2 instances or any cloud resources by brokering authentication to your choice of directory services, eliminating the additional headache of duplicate directories in the cloud. (available for an additional fee)
Does your organization already have a password vault already but are interested in seeing how ours compares? Go get our Free Tier vault!
All you need to get started subscribing is an AWS account and the click of a button in the AWS Marketplace. If you go over the 50 registered machines, you’ll be billed automatically and directly from Amazon.
Don’t be the next victim of a data breach. Controlling privileged access with basics like a password vault and MFA can go a long way to hardening your security posture. Our PAM-as-a-Service is free (for up to 50 registered systems).
So go subscribe now – what do you have to lose?
This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.