A 2019 Centrify study found that privileged credential abuse is involved in almost three out of every four breaches, yet over half of organizations are not taking basic steps to prevent it.
Shockingly, 52% of respondents to the Centrify survey do not have a password vault, and 21% still have not implemented multi-factor authentication (MFA) for privileged administrative access. Privileged credentials provide cyber adversaries with the “keys to the kingdom” and a perfect camouflage for their data exfiltration efforts. The reality is that many breaches can be prevented by some of the most basic privileged access management (PAM) tactics and solutions, coupled with a Zero Trust approach. Yet most organizations are investing the largest chunk of their security budget on protecting their network perimeter rather than focusing on security controls which can effect positive change to protect against the leading attack vector: privileged access abuse.
This is a big mistake. The bottom line is that organizations need to make privileged access management a top priority. Gartner has listed PAM on its Top 10 Security Projects for the past two years for good reason.
At Centrify we’re committed to helping you to establish at least the basic PAM tactics by using our Centrify PAM-as-a-Service offering on AWS Marketplace. In turn you can avoid the IT project overhead that is typically associated with implementing an appliance-based password vault. And the great news is, Centrify Privileged Access Service is free for up to 50 registered systems and their associated service accounts. Thus, don’t wait but register today!
By subscribing to Centrify Privileged Access Service on AWS Marketplace, you can secure access to your hybrid infrastructure and start on your path towards Identity-Centric PAM. Your subscription gives you access to the following capabilities:
Discover and register all machines, then vault all shared, alternate admin and service accounts as well as secrets. Access to those accounts is then brokered for users, services and applications.
Secure, auto-rotate after checkout, and control access to passwords, SSH keys and privileged credentials based on policy to prevent cyber-attacks and meet audit and compliance requirements.
Secure Remote Access
Provide IT administration teams, outsourced IT and third-party vendors with secure, granular access to infrastructure resources regardless of location and without a virtual private network (VPN).
Secure Administrative Access Via Jump Box
Access should only be achieved via approved Privilege Admin Consoles, including web-based, native client or thick client access to systems via a Server Gateway that serves as a distributed jump box.
Access Request & Approval Workflow
Eliminate static and long-lived privilege grants. Govern temporary access to roles that grant privilege, shared account credentials and remote sessions with self-service access request and approvals.
Reinforced Security Policies With MFA
Integration with Centrify Privileged Access Service allows a consistent and easily maintainable MFA service for ALL privileged access, whether at system or vault login or during privilege elevation.
Extend enterprise authentication to Amazon EC2 instances or cloud resources by brokering authentication to your choice of directory services, eliminating local identity silos or duplicate directories.