EXPERIENCE PAM WITHOUT YOUR TYPICAL IT HEADACHE:
LEVERAGE CENTRIFY'S PAM-AS-A-SERVICE
A recent Centrify study found that privileged credential abuse is involved in almost three out of every four breaches, yet over half of organizations are not taking basic steps to prevent it.
Shockingly, 52% of respondents to the Centrify survey do not have a password vault, and 21% still have not implemented multi-factor authentication (MFA) for privileged administrative access. Privileged credentials provide cyber adversaries with the “keys to the kingdom” and a perfect camouflage for their data exfiltration efforts. The reality is that many breaches can be prevented by some of the most basic privileged access management (PAM) tactics and solutions, coupled with a Zero Trust approach. Yet most organization are investing the largest chunk of their security budget on protecting their network perimeter rather than focusing on security controls which can effect positive change to protect against the leading attack vector: privileged access abuse.
This is a big mistake. The bottom line is that organizations need to make privileged access management a top priority. Gartner has listed PAM on its Top 10 Security Projects for the past two years for good reason.
At Centrify we’re committed to helping you to establish at least the basic PAM tactics by using our Centrify PAM-as-a-Service offering on AWS Marketplace. In turn you can avoid the IT project overhead that is typically associated with implementing an appliance-based password vault. And the great news is, Centrify Privileged Access Service is free for up to 50 registered systems and their associated service accounts. Thus, don’t wait but register today!
By subscribing to the Centrify Privileged Access and Brokered Authentication Services on AWS Marketplace you can secure access to your hybrid infrastructure and start on your path towards Zero Trust Privilege. Your subscription gives you access to the following capabilities:
Discover and register all machines and then vault all shared, alternate admin and service accounts. Access to those accounts is then brokered for users, services and applications. At the same time, you can vault all your application passwords and secrets (e.g., IP addresses, SSH keys).
Secure, auto-rotate after checkout and control access to passwords, SSH keys and privileged credentials based on policy to prevent cyber-attacks and meet audit and compliance requirements.
SECURE REMOTE ACCESS
Provide your IT administration teams, outsourced IT and third-party vendors with secure, granular access to critical infrastructure resources regardless of location and without the hassles of a virtual private network (VPN).
SECURE ADMINISTRATIVE ACCESS VIA JUMP BOX
Access should only be achieved through approved Privilege Admin Consoles, which can include web-based, native client or thick client access to sensitive systems via a locked down and clean Server Gateway that serves as a distributed local jump box.
ACCESS REQUEST & APPROVAL WORKFLOW
Minimize your attack surface by eliminating static and long-lived privilege grants. Govern temporary access to roles that grant privilege, shared account credentials and remote sessions with self-service access request and multi-level approvals. Capture who approved access and reconcile approved access with actual access.
REINFORCE SECURITY POLICIES WITH MULTI-FACTOR AUTHENTICATION
Whether apply MFA at system or vault login or during privilege elevation, integration with the Centrify Privileged Access Service allows a consistent and easily maintainable MFA service for ALL privileged access. With the broadest range of authenticators and out-of-the-box support for NIST Level 2 and 3 Assurance Levels. We got you covered.
Extend your enterprise authentication to your Amazon EC2 instances or cloud resources by brokering authentication to your choice of directory services, thus eliminating local identity silos, site-to-site VPNs or duplicate directories in the cloud. The Centrify Privileged Access Service is pre-requisite for any Centrify Brokered Authentication capabilities. Activate by downloading and installing the Centrify Client for Linux or Windows and then registering those systems with the Centrify Privileged Access Service.