English

Privileged Access Security

Secure the modern enterprise by granting both internal and outsourced IT secure, privileged access to hybrid infrastructure.

What is Privileged Access Security?

Privileged Access Security enables organizations to reduce the risk of security breaches by minimizing the attack surface. Centrify’s privileged identity management solutions help you consolidate identities, deliver cross-platform, least-privilege access and control shared accounts, while securing remote access and auditing all privileged sessions.

Manage Hybrid IT

Comprehensive privileged identity management for Infrastructure-as-a-Service (IaaS)

Manage Privileged Users

Cross-platform least-privilege access and control of shared accounts

Audit & Compliance

Detailed session recording and comprehensive compliance reporting

Why Privileged Access Security?

The modern enterprise is a blended on-premises and cloud infrastructure, including Infrastructure-as-a-Service environments, with an increasing reliance on outsourced IT. This exposes a greater attack surface, increasing the risk of a data breach. Because the risk of compromised credentials is the single greatest threat to your infrastructure, a new approach to privileged identity management is required — an approach aligned with the realities of the modern enterprise.

View This Infographic From Forrester's Study

Benefits of Unified Privileged Identity Management

Benefits for Executives

Secure privileged access to the hybrid enterprise
Privileged users are no longer entirely inside the perimeter, nor is your infrastructure. Consistently control access to hybrid infrastructure for both on-premises and remote users.

Reduce complexity with an integrated solution
Control access to infrastructure and privileges, enforce individual accountability where you can, share privileged accounts where you must — and audit across both.

Comprehensive access control compliance
Leverage a single source for internal auditors to prove access controls are in place and working across individual and shared administrative accounts.

BENEFITS FOR IT LEADERS

Minimize the attack surface with just-in-time privilege
Built-in access approval workflows provide just enough privilege when needed for password checkout, privileged sessions and administrative roles.

Enable intelligent, automated, real-time decisions for granting privileged access
Combine risk-level with role-based access controls, user context and multi-factor authentication (MFA).

Save cost with an integrated solution for privileged identity management (PIM)
Simplified, true cross-platform least privilege access and shared account password management — both fully integrated with detailed auditing — using your existing directory infrastructure.

Enable cost-effective compliance and auditing
Reduce audit costs through combined access and activity reporting across both individual and shared accounts, on-premises and in the cloud – with full video capture of all privileged sessions.

BENEFITS FOR IT USERS

Improve IT productivity
Internal users continue to perform their job without disruption, and external (including third party) users leverage secure remote privileged access.

Get the access you need
Centrally managed access assigned through roles provides IT users with fast, secure access to the resources you need to manage.

Easily access servers and network infrastructure
Secure access to specific servers and network devices without the hassle of establishing a VPN connection.

Next Dimension Security Reduces Risk

Unified solution to reduce risk across cloud, mobile and data center.

Cyber Attack Lifecycle*

How Centrify Stops the Breach

Gain Initial Access Into Target

Identity Assurance

Detect threats in real-time with risk-based access controls for privileged accounts —

Watch Video

Stop in-progress attacks with MFA at Server Login

Limit Lateral Movement

Establish partner eco-system without creating identities

Provide secure remote access for privileged users without VPN risk

Least Privilege Access

Increase security and accountability by having fewer shared accounts using least-privilege

Keep control of privileged sessions and password checkouts with request and approval workflows, time-bound access and session monitoring

Provide just-in-time privilege with self-service role requests

Log & Monitor

Proxy-Level Session Recording

Detect malicious activity despite obfuscation through aliasing, prevent device mounting including USB drives —

Watch Video

Identify suspicious activity quickly with integrated SIEM alerting

Track high-risk activity back to the individual with host-level session recording

Strengthen Position within Target

Identity Assurance

Secure, encrypt and manage application passwords —

Watch Video
Least Privilege Access

Increase security and accountability by having fewer shared accounts using role-based access control for least-privilege

Provide just-in-time privilege with self-service role requests —

Watch Video
Log & Monitor

Detect Creation of Backdoor —

Watch Video

Identify suspicious activity quickly with integrated SIEM alerting

Steal Valid User Credentials

Identity Assurance

Prompt for a second factor when elevating privilege to run highly privileged commands

Maintain individual accountability when switching users (su command) —

Watch Video

Stop in-progress attacks with real-time monitoring of malicious aliasing and scripting —

Watch Video
Limit Lateral Movement

Mitigate risk by neutralizing hash impact

Least Privilege Access

Increase security and accountability by having fewer shared accounts using least-privilege

Maintain integrity of local audit files

Provide just-in-time privilege with self-service role requests —

Watch Video

Restrict access rights of privileged roles to specific systems, services or apps with restricted shell

Log & Monitor

Report on who did what, where and when, who has access to what and how they can use that access

IDENTIFY TARGET DATA

Identity Assurance

Prompt for second factor when elevating privilege to run highly privileged command

Secure, encrypt and manage application passwords —

Watch Video
Limit Lateral Movement

Enforce Group Policies for firewall settings & RDP/SSH sessions

Federate privileged access and VPN-Less remote access

Leverage Zone technology to manage user or server roles to prevent lateral movement and enforce segregation of duties

Restrict access and dynamically segmenting network with tiered access and tighter control

Secure sensitive information by dynamically isolating and protecting cross-platform systems for IPSec

Monitor privileged sessions that leverage Telnet, SCP, FTP, SSH

Log & Monitor

Track high-risk activity back to the individual with host-level session recording

Identify suspicious activity quickly with integrated SIEM alerting

PACKAGE AND STEAL TARGET DATA

Limit Lateral Movement

Monitor privileged sessions that levarage Telnet, SCP, FTP, SSH

Least Privilege Access

Restrict access rights of privileged roles to specific systems, services or apps with restricted shell, whitelisting or App Locker

Log & Monitor

Detect malicious activity despite obfuscation though aliasing, prevent device mounting including USB drives —

Watch Video

Identify suspicious activity quickly with integrated SIEM alerting


* Source: Mandiant, A FireEye Company

Benefits

Get users to login as themselves, while maximizing control over privileged accounts

Control access to infrastructure and privileges and enforce individual accountability

Consistently control access to hybrid infrastructure for both on-premises and remote users

Provide a single source for internal auditors to ensure controls are in place across all accounts

BEST PRACTICES

Get Users to Log in as Themselves, while Maximizing Control over Privileged Accounts

Privileged Access Security Solutions

Federated Privileged Access

Enable secure remote access for outsourced IT administrators and third-party developers to your infrastructure through federated authentication.

Learn More

Windows Server Protection

Establish granular user privilege and auditing of access to Windows infrastructure.

Learn More

MFA Everywhere

Prevent compromised credentials by implementing multi-factor authentication across every user and every IT resource. Block cyberattacks at multiple points in the attack chain.

Learn More

Least Privileged Access

Establish a ‘least privileged access’ model with granular, role-based access to individual commands.

Learn More

Secure Third-Party Access

Secure and manage third-party access to corporate systems.

Learn More

Centrify Identity Platform

Protect against the leading cause of cyberthreats — compromised credentials — with a complete set of solutions to secure the modern enterprise.

  • All Users: Employees, contractors, privileged users, partners, customers
  • All Apps: Cloud or on premises
  • All Resources: Network infrastructure, outsourced IT, Mac and mobile devices
Learn More