Consolidate Identities to Reduce the Attack Surface
Today's threatscape differs dramatically from the past, where humans accessed an organization’s infrastructure, databases, and network devices which all resided inside a well-defined boundary. Nowadays, privileged access management (PAM) must handle requesters that are not only human but also machines, services, and APIs. There will still be shared accounts, but for increased assurance, best practices now recommend individual identities, not shared accounts, where least privilege can be applied. Whether working to mitigate the risk of insider threats or to meet PCI DSS, SOX, or other industry mandates and government regulations in an increasingly heterogeneous and distributed environment, IT organizations require a modern Privileged Access Management solution that enables centralized visibility and control over identities, privileged access management, and privileged user activity.
The Centrify Authentication Service data sheet outlines how customers can go beyond the vault and allows properly verifying who requests privileged access. This is achieved by leveraging enterprise directory identities, eliminating local accounts, and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.