Increase Security in Your AWS Environment
- Federated access for AWS console
- Privileged access for EC2 instances
- Enterprise access for hosted apps
AWS Shared Responsibility Model
AWS and the AWS customer share responsibility for security.
AWS provides robust security for infrastructure and services as their part of the AWS shared responsibility model.
Securing operating systems, platforms and data remain the responsibility of the AWS customer, and Centrify can help.
Secure AWS Service Management
Vault the password for the AWS root account, and enforce MFA for break-glass access.
Extend your existing privileged access security solution by federating access to the AWS service, obviating the need for long-lived access keys.
Leverage any directory service to control AWS role assignment, and grant the right amount of privilege.
Privileged Access Security for EC2 Instances
Extend enterprise authentication to EC2 instances by brokering identities from your choice of directory services — Active Directory, LDAP or Google.
Minimize attack surface by securing shared accounts and remote access, granting just enough privilege, and auditing all activity across Windows and Linux.
Enforce MFA at session initiation, server login, and privilege elevation to stop in-progress attacks.
Enterprise Access for Hosted Apps
Extend enterprise identities to hosted applications with federated authentication for employees, business partners and customers.
Enforce MFA and Smart Card authentication to satisfy stringent security requirements, and prove compliance.
Minimize attack surface by securing remote access to applications running on EC2 instances without a VPN.
Flexible Deployment Options
Simplify privileged access security in hybrid IT environments with flexible solution deployment options.
Leverage the industry’s first Privileged Identity Management as a service (PIM-as-a-Service) offering, or install and manage a dedicated instance in your private cloud or on-premises.
Deployment tools and scripts make it easy to deploy the Centrify solution, enroll servers in the Cloud Service, vault root accounts, and automate setup of user access to servers.
Leverage Enterprise Identities
Securely extend your enterprise Active Directory to AWS, without replicating identities or identity infrastructure.
Federate enterprise users to your AWS environment, granting temporary access to AWS console and API interfaces.
Broker identities from your choice of directory services — Active Directory, LDAP and cloud directories such as Centrify’s and Google’s.
Six Best Practices for Securing Amazon Web Services
Businesses are responsible for the confidentiality, integrity, and availability of their data in the cloud, according to AWS’ shared responsibility model. This paper provides best practices for taking on your share of the security responsibility when moving to an AWS infrastructure.