In the age of cybersecurity, some form of attack or breach for corporations and government entities is not a matter of if but of when, especially since the leading attack vector is compromised credentials. Consequently, it is critical to have a privileged access management framework in place to minimize the risks and potential for damage that can occur.
However, as the saying goes, a chain is only as strong as its weakest link, and if a new solution is perceived to add overhead or impact productivity, then there is likely to be resistance to the adoption of it.
Centrify offers solutions that will actually enhance the user experience while simultaneously reducing the risk to the organization resulting in a win-win scenario.
- Privilege elevation for Windows and Unix with roll based access controls provide users with the ability to be able to authenticate as themselves and only run the privileged commands and tasks required for their role. This eliminates the need for separate user administration accounts which in turn reduces management and operational overhead by reducing the overall number of accounts.
- Multi-factor authentication with multiple options including e-mail, telephone call, SMS, one-time password, token authentication and smart cards.
- Privileged session monitoring and recording with host-based auditing to ensure that the solution cannot be bypassed and satisfies regulatory compliance requirements (SOX, HIPAA, FISMA, NIST, PCI or MAS), as well as providing customizable reporting and integration with SIEM systems.
- One click VPN-less access to web applications and server sessions (RDP and SSH) via a reverse proxy application gateway which significantly simplifies access both on-site and remote employees and third parties.
- A strong password management system for secure storage and managed password rotation of shared password accounts including break glass, local administrator and root accounts. Role based access for password checkout or session establishment without disclosing the password and integrated approval workflows.
All this on a platform that offers a holistic privileged identity management solution without the need for additional infrastructure to be added into the data center.
Learn best practices for privileged identity management in the modern enterprise here.