Server, Network Device and Endpoint Passwords Where You Want Them
The first step toward protecting access to critical account passwords is bringing them under management of Centrify Infrastructure Services, where your server and network device passwords are securely stored and managed.
Infrastructure Services creates an exclusive AES 256-bit encryption key for each tenant used to individually encrypt account passwords before being stored. Passwords are never stored, replicated or transmitted in the clear, regardless of whether the customer installs and manages their own instance of Infrastructure Services or deploys the Centrify cloud service. Centrify couples these encryption controls with stringent multi-layered cloud security and certifications (such as SOC 2, TRUSTe, and Microsoft Azure certifications that include FEDRAMP, CSA, and G-Cloud) to deliver the best protection for these sensitive passwords from a cloud service.
Centrify can also store passwords in a Gemalto SafeNet KeySecureTM key management appliance. If you already have an investment in KeySecure — whether on-site or a virtual appliance in the cloud — or if you need more control over the encryption keys used to protect the passwords, this is an ideal complement to Infrastructure Services.
Setup is quick and simple — create a SafeNet KeySecure instance and configuration in Infrastructure Services, SSL keys, and migrate existing passwords to KeySecure.
Centrify supports all current SafeNet KeySecure appliance models:
K460 - with built-in hardware security module (HSM)
SafeNet Virtual KeySecure — available from leading cloud IaaS providers
Flexibility in where you store your privileged account passwords
Simple configuration - password migration between Centrify and SafeNet
Private keys used to encrypt account passwords are kept under your control