Centrify Privilege Elevation Service minimizes the risk exposure to cyber-attacks caused by individuals with too much privilege. The service allows customers to implement just enough, just-in-time privileged access best practices and in turn limiting potential damage from security breaches.
Secure and manage fine-grained privileges across Windows and Linux systems, limiting potential damage from security breaches. Get users to login as themselves for accountability, and elevate privilege based on their role within an organization.
Delegated Privilege Role & Policy Management
Centralized roles, rights and privilege policies simplify management across heterogeneous (UNIX, Linux and Windows) environments. Policies are stored in Active Directory separate from other common objects to support delegation to server administrators and separation of duties from Active Directory administrators, preventing server admins from managing AD objects they should not.
Time-Based Role Assignment
Minimize security risk by enabling administrators to systematically request a new role to obtain the rights they need to perform tasks. Access Request for Privileged Roles enables organizations to grant long-lived or temporary privileges and roles with a flexible, just-in-time model that accommodates fluctuating business needs.
MFA at Privilege Elevation
Multi-factor authentication (MFA) at login is not always the best choice, especially if that access and the normal commands cannot do any harm or access any sensitive information. However, the execution of a privileged command should always be protected from malicious actors by ensuring only authorized humans are launching privileged commands through MFA validation prior to privileged command execution.
We started out with very simple roles and now we manage user privileges with extreme granularity. The roles in Centrify are essential in limiting what people can access and locking our systems down., Systems Integration Chief, National Weather Services