Least Privilege as a Best Practice
Reduce the risk of attack through individuals with too much privilege. Implementing least privilege principles also limits the potential damage from security breaches. The flexible, fine-grained Centrify Privilege Elevation Service lets administrators get work done, reduces risk, and makes implementing a just-in-time privilege model easy with role-based access controls.
Centrally Grant, Revoke, and Govern Privilege

Role-Based Access Controls Make Least Privilege Easy
Least privilege policies give organizations essential control over their users’ privilege and reduce the risk associated with user error, malicious attacks, and security breaches. IT administrators use Centrify Zones to configure roles and grant users just enough privilege and access to the right set of infrastructure. Assigning new users to a role, moving users from one role to another, or disabling access for users who leave the company is simple with Centrify Server Suite. Roles can optionally be assigned and revoked through existing provisioning systems.

Seamless Privilege Elevation with Dynamic Access Restrictions
Secure your Windows, Linux, and UNIX systems by controlling who can access what and when. Unlike de-centralized single-purpose tools like sudo, Centrify enables the configuration of dynamic privileges so that users can only elevate privilege at specific times, based on job function, and on targeted systems. Servers can be isolated based on time and trust relationships to further protect sensitive data. And because users always log in as themselves — not as root or local admin — they can continue work without disruption by seamlessly elevating privilege as needed.

Powerful Tools Automate Role Creation and Assignment
Centrify provides a robust set of tools to simplify the adoption and management of a least privilege model that delivers just enough privilege for administrators. Centrify Server Suite includes tools and APIs to assign pre-defined roles and rights, import existing sudo files, automate the creation of new roles and rights, create reports, and satisfy audit requirements.