Federated first?

Cloud-based security solution minimises an organisation’s attack surface by governing and securing federated access by outsourced IT, vendors and other third parties.

  • 8 years ago Posted in
Centrify has launched a major advancement in its Privileged Identity Management solution. Centrify is now the first vendor in the industry to support federated privileged access across an organisation’s entire security eco-system, including secure outsourcing of IT and application development.  The solution is designed for an enterprise’s  hybrid IT environment of cloud, mobile and on-premises and leverages the Centrify Identity Platform. Coupled with other major new features such as application-to-application password management (AAPM) and multi-factor authentication (MFA) for servers, Centrify’s Privileged Identity Management solution reduces an enterprise’s attack surface and enables continuous compliance.
 
According to Gartner, IT outsourcing will be a $335 billion industry by 2019. In addition, according to a December 2015 commissioned study conducted by Forrester Consulting on behalf of Centrify, 100 percent of organisations surveyed are outsourcing at least one IT function and at least one application development function.
 
“As more of today’s businesses outsource functions such as IT administration and rely on vendors to troubleshoot systems and applications, the need to govern and secure privileged sessions grows dramatically,” said Tom Kemp, CEO and co-founder of Centrify. “Given that compromised credentials are the leading attack vector in data breaches, and that many of the high profile breaches involved third party access, Centrify’s federated privileged access for third parties reduces an organisation’s identity-related risk.”
 
Traditional privileged identity management solutions require organisations to create and manage identities for outsourced IT administrators within their internal environment and grant VPN access. This increases risk as the number of privileged accounts disconnected from an authoritative identity provider grows and more laptops establish VPN connections to internal networks.  The result is an expansion of potential attack points for hackers, disgruntled insiders and malware. By using Centrify’s solution, an organisation can reduce this risk by enabling secure remote access for outsourced IT administrators and outsourced developers to its infrastructure through federated authentication.
 
The outsourcing service retains management of their employee identities, and the customer organisation uses Centrify to grant web-based access and privilege for systems and applications.  Privileged access is governed through request and approval workflows, monitoring with optional termination of privileged sessions and reconciliation of approved access versus actual access to critical infrastructure.  The solution supports businesses outsourcing to more than one service organisation while ensuring identity lifecycle management for outsourced IT administrators and developers remains with their employer, including the disabling of their enterprise identity upon employment termination.
 
In addition to federated privileged access, Centrify’s products work in tandem to offer a comprehensive, integrated security solution built for the modern enterprise. New capabilities for Centrify’s identity management for privileged users solution include the following.
 
Minimise attack surface
?       Local account provisioning Centrally manage the lifecycle for application and service accounts on UNIX and Linux systems, and automatically secure and manage credentials and access.
?       Application-to-application password management ? Eliminate hard-coded, plain text account passwords from scripts and applications. Applications and scripts authenticate and retrieve passwords securely without human intervention, enabling organisations to meet compliance and security policies.
?       Privileged access request ? Grant temporary, time-bound privileged access to on-premises and cloud-based infrastructure to minimise attack surface and reduce risk.
?       Secure password storage ? In addition to using the secure data store of the Centrify Identity Platform to store all user, resource, account, and password information, Privilege Service now supports SafeNet KeySecure key management appliances from Gemalto for encrypted storage of account passwords on-premises.
 
Thwart in-progress attacks
?       Multifactor authentication for servers ? Protect against hackers using stolen passwords and credentials by configuring multi-factor authentication (MFA) for IT administrators who access Linux systems and require elevated privileges.
 
Govern access and prove compliance
?       Reconcile approved and actual access ? Easily prove access controls are working as designed by reconciling approved access with actual access.
?       Reporting services ? Report on who did what, where and when, who has access to what and how they can use that access to meet complex regulatory requirements. Select or schedule packaged attestation reports or create your own.
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Trend Micro has released new research detailing the murky cybercrime supply chain behind much of...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...
State of Industrial Cybersecurity report reveals only 21% of organizations achieved full maturity...