Grant Just Enough Privilege Across Windows, Linux and UNIX
A flexible, fine-grained privilege elevation service lets your users get work done, reduces risk and makes implementing a just-in-time, least-privilege model easy with role-based access controls.
Role-based Access Controls Make Least-privilege Easy
Least-privilege access gives you strong controls over your users’ privilege and reduces your risk from a range of threats. Centrify’s patented Zones technology provides highly granular, role-based access controls that simplify the implementation of a least-privilege model across Windows, Linux and UNIX systems.
Self-service Role Requests for Just-in-time Privilege
Minimize security risk by enabling administrators to systematically request a new role to obtain the rights they need to perform tasks. Access Request for Privileged Roles enables organizations to grant long-lived or temporary privileges and roles with a flexible, just-in-time model that accommodates fluctuating business needs.
Seamless Privilege Elevation with Dynamic Access Restrictions
Secure your Windows, Linux and UNIX systems by controlling exactly who can access what and when. Unlike de-centralized single-purpose tools like sudo, Centrify enables the configuration of dynamic privileges so that users can only elevate privilege at specific times, for a length of time and on certain servers. You can also isolate servers based on time and trust relationships to further protect sensitive data.
Powerful Tools Automate Privilege Creation and Assignment
Centrify provides a powerful set of tools to simplify adoption and management of a least-privilege access model. Privilege Elevation Service includes tools and APIs to assess identity-related risk, assign pre-defined roles and rights, import existing sudo files, automate the creation of new roles and rights, create reports and meet audit requirements.
Centrify White Paper
Best Practices for Privileged Identity Management in the Modern Enterprise
This white paper examines trends and formulates best practices for managing risks in the areas of identity consolidation, privileged session management, SuperUser privilege management, shared account password management, and secure vpn-less remote access.