Privilege Elevation
Grant Just Enough Privilege Across Windows, Linux and UNIX
A flexible, fine-grained privilege elevation service lets your users get work done, reduces risk and makes implementing a just-in-time, least-privilege model easy with role-based access controls.
A Single Source of Identity Makes Assigning, Changing and Auditing Privileges Easy
Reduce the risk of attack through individuals with too much privilege. Implementing least-privilege access limits potential damage from security breaches
Increase security and accountability by having fewer shared accounts and vaulted credentials. Easily assign or revoke privileges for users across Windows, Linux and UNIX systems
Realize operational efficiencies through integrated authorization, authentication and audit that leverages existing investments in Active Directory
Prove compliance with regulations and industry mandates to auditors with a single view into the control and security of user privileges
Ensure all privileged activity is tied to an individual. Users log in as themselves, seamlessly elevate privilege and all activity is audited
Enable just-in-time privilege by requiring workflow-based management approvals for credential checkouts, privileged sessions and privileged roles
Role-based Access Controls Make Least-privilege Easy
Least-privilege access gives you strong controls over your users’ privilege and reduces your risk from a range of threats. Centrify’s patented Zones technology provides highly granular, role-based access controls that simplify the implementation of a least-privilege model across Windows, Linux and UNIX systems.
Self-service Role Requests for Just-in-time Privilege
Minimize security risk by enabling administrators to systematically request a new role to obtain the rights they need to perform tasks. Access Request for Privileged Roles enables organizations to grant long-lived or temporary privileges and roles with a flexible, just-in-time model that accommodates fluctuating business needs.
Seamless Privilege Elevation with Dynamic Access Restrictions
Secure your Windows, Linux and UNIX systems by controlling exactly who can access what and when. Unlike de-centralized single-purpose tools like sudo, Centrify enables the configuration of dynamic privileges so that users can only elevate privilege at specific times, for a length of time and on certain servers. You can also isolate servers based on time and trust relationships to further protect sensitive data.
Powerful Tools Automate Privilege Creation and Assignment
Centrify provides a powerful set of tools to simplify adoption and management of a least-privilege access model. Privilege Elevation Service includes tools and APIs to assess identity-related risk, assign pre-defined roles and rights, import existing sudo files, automate the creation of new roles and rights, create reports and meet audit requirements.
Centrify White Paper
Best Practices for Privileged Identity Management in the Modern Enterprise
This white paper examines trends and formulates best practices for managing risks in the areas of identity consolidation, privileged session management, SuperUser privilege management, shared account password management, and secure vpn-less remote access.
