Users need privilege to be able to do their jobs, but root or local admin access is far more than they need and assigning them creates unnecessary security risks. Centrally implementing a least privilege model across Windows, Linux and UNIX minimizes this risk and allows all users access to the exact resources they need to do their jobs. Unlike tools such as sudo, Centrify enables the control of privilege from Active Directory consistently across platforms versus requiring point solutions for Windows and UNIX.
Least Privilege Access as Best Practice
A least privilege access policy enhances the protection of critical data, improves system and network security, and minimizes the risk associated with user error, malicious attacks, security breaches, APTs, and accidental security incidents, and is often required by industry regulations and security best practices.
Centrify Privilege Elevation Service makes it easy to implement a least privilege model by allowing you to centrally create and consistently apply granular, role-based privileges across Windows, Linux and UNIX systems.
Centrify Simplifies Least Privilege Management
IT administrators use Centrify's patented Zone technology to configure roles and grant users exactly the right privileges and access to the right set of resources. Centrify's tight integration with Active Directory aligns with your existing user provisioning tools, making it simple to assign new users to a role, move users from one role to another or disable access for users who leave the company.
And because users always log in as themselves — not as root or local admin — they can continue work without disruption by seamlessly elevating privileges as needed. And you will always know who has access to what, and who did what, where and when.
- Eliminate the risks of granting root or local admin access by allowing privileged users to login as themselves through Active Directory and elevate privilege through Centrify.
- Control privileges across more than 450 versions of Windows, Linux and UNIX with a single solution.
- Assign users a restricted environment with access only to what they need.
- Leverage Centrify's patented Zone technology for scalable management of user or server roles and enable flexible and granular delegated administration.
- Ensure that users log in as themselves through Active Directory (or local accounts when needed), and always enforce their privileges based on a single, centralized identity.
- Monitor any or all sessions and tie activity back to a specific user with an integrated solution for authentication, authorization and auditing, streamlining audits and proving compliance with regulatory acts and guidelines.