Together, we’re better. Centrify has teamed up with Amazon Web Services (AWS) to unlock the synergies of both companies’ solutions.
Increase Security in Your AWS Environment
Leveraging built-in Infrastructure-as-a-Service (IaaS) security is a good start, but even cloud service provider AWS recommends extending these security best practices. While AWS provides an excellent layer of foundational security for services, their shared responsibility model is clear – “businesses are still responsible for the confidentiality, integrity, and availability of their data in the cloud.”
Centrify Zero Trust Privilege Services augment AWS’ built-in security to assure you’re securing privileged access to your cloud environment.
Six Best Practices for Increasing Security in AWS
Common Security Model
Conventional security and compliance concepts still apply in the hybrid cloud. Leverage and extend on-premises access policies to deploy infrastructure quickly and securely in AWS.
ELIMINATE EC2 KEY PAIRS
Minimize attack points by leveraging Active Directory, LDAP and cloud directories, such as Google’s, versus creating local accounts and managing EC2 key pairs for authentication.
Leverage existing user accounts or federate access to services and resources in AWS. Create fine-grained permissions to resources and apply them to users through groups or roles.
LEAST PRIVILEGE ACCESS
Grant users just the access they need in the AWS console and on EC2 instances. Implement cross-platform privilege management for AWS console, Windows and Linux.
Log and monitor both authorized and unauthorized activity in EC2 instances. Associate all activity to an individual and report on both privileged activity and access.
Thwart in-progress attacks in AWS. Consistently implement MFA for AWS service management, on login and privilege elevation for EC2 instances.
Let Centrify help you secure your AWS environments by offering the following capabilities:
AWS Shared Responsibility Model
AWS and the AWS customer share responsibility for security.
AWS provides robust security for infrastructure and services as their part of the AWS shared responsibility model.
Securing operating systems, platforms and data remain the responsibility of the AWS customer, and Centrify can help.
Federated Access for AWS Console
Vault the password for the AWS root account and enforce MFA for break-glass access.
Extend your existing privileged access security solution by federating access to the AWS service, obviating the need for long-lived access keys.
Leverage any directory service to control AWS role assignment and grant the right amount of privilege.
Privileged Access Security for EC2 Instances
Extend enterprise authentication to EC2 instances by brokering identities from your choice of directory services — Active Directory, LDAP or Google.
Minimize attack surface by securing shared accounts and remote access, granting just enough privilege, and auditing all activity across Windows and Linux.
Enforce MFA at session initiation, server login, and privilege elevation to stop in-progress attacks.
Flexible Deployment Options
Simplify privileged access security in hybrid IT environments with flexible solution deployment options.
Leverage the industry’s first Privileged Access Management-as-a-Service (PAM-as-a-Service) offering or install and manage a dedicated instance in your private cloud or on-premises.
Deployment tools and scripts make it easy to deploy the Centrify Zero Trust Privilege Services, enroll servers in the Cloud Service, vault root accounts and automate setup of user access to servers.
Leverage Enterprise Identities
Securely extend your enterprise Active Directory to AWS, without replicating identities or identity infrastructure.
Federate enterprise users to your AWS environment, granting temporary access to AWS console and API interfaces.
Broker identities from your choice of directory services — Active Directory, LDAP and cloud directories such as those offered by Centrify and Google.
Want to Learn More About How to Increase Security in Your AWS Environment with Centrify?
Increase Security for Amazon Web Services (AWS) Environments
5 Myths About Privileged Access Security for AWS
Six Best Practices for Securing Amazon Web Services
Hybrid IT for Modern Enterprises – DevOps Automation for AWS EC2 Linux Instances
This demonstration provides use case scenarios of Centrify’s Privileged Access Security solution for AWS EC2 instances.