SERVER, NETWORK DEVICE AND ENDPOINT PASSWORDS WHERE YOU WANT THEM
The first step toward protecting access to critical account passwords is bringing them under management of Centrify Privileged Access Service, where your server and network device passwords are securely stored and managed. To assure the highest level of security, Centrify leverages government-grade encryption for secure storage.
Centrify Privileged Access Service creates an exclusive AES 256-bit encryption key for each tenant used to individually encrypt account passwords before being stored. Passwords are never stored, replicated or transmitted in the clear, regardless of whether the customer installs and manages their own instance of Centrify Privileged Access Service or subscribes to the Centrify Cloud Service. Centrify couples these encryption controls with stringent multi-layered cloud security and certifications (such as SOC 2, TRUSTe, as well as AWS and Microsoft Azure certifications that include FedRAMP, CSA, and G-Cloud) to deliver the best protection for these sensitive passwords from a cloud service perspective.
Centrify can also store passwords in a Gemalto SafeNet KeySecure key management appliance. If you already have an investment in SafeNet KeySecure — whether on-site or a virtual appliance in the cloud — or if you need more control over the encryption keys used to protect the passwords, this is an ideal complement to the Centrify Privileged Access Service.
Setup is quick and simple: create a SafeNet KeySecure instance and its matching configuration in the Centrify Privileged Access Service, generate SSL keys and then migrate the existing passwords to SafeNet KeySecure.
- Flexibility in where you store your privileged account passwords.
- Simple configuration — password migration between Centrify and Gemalto SafeNet.
- Private keys used to encrypt account passwords are kept under your control.
- Gemalto SafeNet’s dedicated cryptographic processor accelerates operations, improving performance.