Centrify Privileged Access Management:
Identity Consolidation and Least Privilege
Zero standing privileges and Zero Trust are security models popularized by analyst firms Gartner and Forrester, respectively. At their core are two observations: 1) the traditional network perimeter has disappeared 2) privileged accounts, a.k.a. “keys to the kingdom”, are a primary target for cyber attackers. With Centrify’s modern Privileged Access Management solution, you can eliminate duplicate identities and follow the Principle of Least Privilege (PoLP) to accelerate adoption of these best practice security models.
Trusted Insiders and Untrusted Outsiders
Historically, we relied on a defensible network perimeter around our data center and IT infrastructure. We delineated friend from foe by IP address that distinguished “insider” from “outsider.” Cloud transformation projects have spread IT infrastructure to the four winds, dissolving this perimeter. And the concept of trusted insiders and untrusted outsiders is dangerous – nobody should receive trust implicitly. All of this has forced us to rethink how we best protect critical systems and sensitive data, transforming strategies from network focused security to identity focused security.
Privileged Accounts Create Risk
Every privileged account is an attack vector. The more you have, the bigger your attack surface, and the greater your risk of a security breach. Also, the human element is a weak link. Trusting administrators to use accounts only when necessary, protect them from cyber attackers, and “do the right thing” is a high risk. Applying zero standing privileges and Zero Trust principles means eliminating these accounts and removing the implicit trust given to human administrators.
Let Centrify Help
Reduce Your Attack Surface by Eliminating Privileged Accounts
With Centrify Authentication Service, you eliminate as many local privileged accounts as possible, moving towards the state of zero standing privileges while securing the rest in Centrify Vault Suite. Reducing the number of privileged accounts and securing access to those that continue to exist results in a greatly reduced attack surface.
Enforce Least Privilege
With least privilege, you are adopting a Zero Trust approach. Instead of trusting Admins to share privileged accounts, they use their individual identity (in the enterprise directory) to do their job. To perform tasks, they request privilege, for a limited time, subject to approval. The results are improved risk posture, privileged access governance, and robust compliance.
Stop in-Progress Attacks with MFA
Centrify’s MFA Authentication Service strengthens identity assurance at each control point for privileged access. Whether applying MFA at system login, vault login or during privilege elevation the Centrify Platform powers a consistent and easily maintainable MFA Authentication Service for ALL privileged access.