Centrify debuts identity-centric privileged access management
Digital Transformation demands a more modern approach to least privilege based on individual identities, not vaulting shared accounts
Centrify has announced its vision and solutions for Identity-Centric Privileged Access Management (PAM), a modern approach to PAM that empowers organisations to simplify infrastructure management, protect against breaches, improve compliance postures, and securely transform their business by leveraging the cloud.
Emerging technologies fueling digital transformation are reshaping the enterprise IT environment. As organisations continue their digital transformation journeys, they struggle to manage an infrastructure that is fragmented across hybrid- and multi-cloud environments, resulting in data breaches, audit findings, and unnecessary overhead costs.
Underlying the foundation of digital transformation are privileged access controls, which ensure that only authorised individuals, machines, or services are permitted to access the right resources, at the right time, for the right reasons. Centrify enables digital transformation at scale, modernising how organisations secure privileged access across hybrid and multi-cloud environments by enforcing Identity-Centric PAM based on Zero Trust principles.
“The market is experiencing a changing threatscape, where PAM is shifting away from a vault-centric approach to a more secure and less cumbersome identity-centric requirement,” said Tim Steinkopf, CEO of Centrify. “Centrify’s Identity-Centric Privileged Access Management solutions evolve PAM to a seamless experience by leveraging individual identities, granting least privilege just-in-time, and empowering machines to protect themselves.”
Identity-Centric PAM is designed to handle requesters that are not only human but also machines, services, and APIs. For increased assurance, best practices now recommend strongly authenticated individual identities – not shared accounts – where least privilege can be applied. All controls must be dynamic and risk-aware, which requires modern machine learning and user behavior analytics. PAM must integrate and interoperate with a much broader ecosystem including the cloud providers, DevSecOps tools, containers, microservices, and more.
Centrify’s approach to Identity-Centric PAM is founded on the Zero Trust principles of, “Never trust, always verify, enforce least privilege.” Centrify helps customers minimise the attack surface, improve audit and compliance visibility, and reduce risk, complexity, and costs through seven pillars of Identity-Centric PAM:
- Establish trust: to enforce an authoritative security policy, securely establishing unique identities for every system with the authoritative security management platform.
- Verify who: leverage enterprise directory identities to authenticate and authorise humans, machines, or services, while eliminating local accounts and decreasing overall total number of accounts and passwords.
- Contextualise requests: leverage ITSM solutions to elevate privileges, leveraging context to make just-in-time access decisions and leave zero standing privileges.
- Secure admin environment: ensure access is only achieved through a clean source, reducing the risk of exposing servers to malware or introducing infections during a connection.
- Grant least privilege: allow Just enough privilege, for just enough time to get the job done. Enable just-in-time privilege based on temporary access through a simple request process, and limit lateral movement by only granting access to the target resources needed and no more.
- Audit everything: maintain audit logs and video recordings as evidence of compliance, a best practice for privileged sessions should forensic analysis or other review be required.
- Enable adaptive control: leverage modern machine learning algorithms to analyse user behavior, identity anomalous activities, and issue alerts and take active response.