Validate Users' Identity Before They Elevate Privilege
Multi-factor authentication (MFA) at login can be cumbersome and unnecessary, particularly if everyday access and activity cannot do harm and does not expose sensitive information. However, the elevation of privilege should always require identity assurance through MFA validation to ensure an authorized human is making the request. Centrify Cloud Privilege Elevation Service provides host-based MFA at privilege elevation for Linux and Windows systems, which cannot be circumvented.
Zero Trust Demands Identity Assurance

MFA Service for All Privileged Access
Whether requiring MFA at system or vault login, before privilege elevation, or on a password or secret checkout, Centrify Platform delivers a consistent and easily maintainable MFA service for all privileged access. Centrify Platform’s MFA service supports the broadest range of authenticators for NIST Level 2 and 3 Assurance Levels. We got you covered.

MFA for Linux Privilege Elevation
A zero-standing privilege approach requires validation of who is making the request to elevate their privilege. Linux admins logging in to check a system do not introduce risk and should not require MFA. However, execution of privileged commands that could harm a business should first require MFA to validate the admin’s identity.

MFA for Windows Privilege Elevation
A zero-standing privilege approach requires always Verifying Who is requesting privileged access. Windows admins who need to run applications with privilege prove their identity leveraging one or more authentication methods.