INTELLIGENT
INTELLIGENT CLOUD
Centrify announces new
cloud-ready zero trust
privilege services
entrify, a leading provider of
cloud-ready zero trust privilege
to secure modern enterprises,
has announced new cloud-ready solutions to
help stop the leading cause of data breaches
– privileged credential abuse.
Centrify Zero Trust Privilege helps
customers grant least privilege access based
on verifying who is requesting access, the
context of the request and the risk of the
access environment.
In addition, the company has successfully
integrated the Centrify Privileged Access
Service with SailPoint’s open identity
platform, IdentityIQ, easing the coordinated
adoption of zero trust privilege and identity
governance best practices.
Organisations may consider approaching
privileged access management (PAM) by
solely implementing password vaults, a
legacy approach that leaves gaps which can
easily be exploited.
In today’s environment, privileged access
not only covers infrastructure, databases
and network devices but is extended to
cloud environments, Big Data projects
and DevOps, and must secure hundreds of
containers or microservices.
By implementing zero trust privilege,
Centrify minimises the attack surface,
improves audit and compliance visibility, and
reduces risk, complexity and costs for the
modern, hybrid enterprise.
C
INTELLIGENT TECH CHANNELS
Issue 23
Centrify Zero Trust Privilege Services now
offer the following cloud-ready capabilities to
reduce risk and secure modern attack surfaces:
A cloud-ready solutions architecture
built with modern, hybrid enterprise
in mind to avoid vault-sprawl in
multi-virtual private cloud (VPC) and
multi-Infrastructure-as-a-Service (IaaS)
deployments. In turn, customers can
easily scale their privileged access
solution across multiple IaaS regions or
providers without expensive operating
models that include replicating and
constantly syncing vault instances.
Secure administrative access via
distributed jump box to reduce the risk
of introducing infections by ensuring
privileged access is granted only via
a clean source. To achieve this, access
should only be granted through locked
down, clean and distributed server
gateways. Administrators don’t need a
special workstation and can utilise their
interface of choice which can include
browser, native client or thick client to
access sensitive systems via a distributed
local jump box.
Multi-directory brokering via a newly
released Centrify client to provide
brokered authentication to Windows and
Unix systems via support for common
directories (e.g. Active Directory, LDAP,
Google Cloud, Centrify). Brokered
authentication allows organisations to
deploy workloads into the cloud while
still utilising their existing enterprise
directory solution, avoiding the risk
of exposing that directory externally,
replicating in the cloud or maintaining an
expensive site to site connection.
Centrify privileged access service is
now SailPoint certified, enabling joint
customers to leverage SailPoint IdentityIQ
for enterprise-wide provisioning,
governance and identity management
processes across all users, applications
and data, including those benefiting from
Centrify’s zero trust architecture.
“The solutions we are announcing take a
big step forward in redefining legacy PAM to
secure access to modern attack surfaces with
zero trust privilege,” said Tim Steinkopf, CEO of
Centrify. “Many of our customers have already
moved to cloud or hybrid IT environments
and our solutions are cloud-ready to support
them. However, we also have customers who
still need to secure privileged access to on-
premises infrastructure before they’re ready
to move to the cloud.
“Centrify Zero Trust Privilege Services
can meet the needs of on-premises, hybrid
or all-cloud environments with a multi-
tenant architecture – so no matter where an
organisation is in their cloud readiness, we
have a solution that is ready for them.”
41