Organisations must adopt zero trust approach while building cloud presence, Centrify

Tim Steinkopf, CEO of Centrify.
6 years ago

Centrify announced new cloud-ready solutions to help stop the leading cause of data breaches: privileged credential abuse. Centrify Zero Trust Privilege helps customers grant least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. In addition, the company has successfully integrated the Centrify Privileged Access Service with SailPoint’s open identity platform, IdentityIQ, easing the coordinated adoption of Zero Trust Privilege and Identity Governance best practices.

Organisations may consider approaching Privileged Access Management by solely implementing password vaults, a legacy approach that leaves gaps which can easily be exploited. In today’s environment, privileged access not only covers infrastructure, databases, and network devices but is extended to cloud environments, Big Data projects, and DevOps, and must secure hundreds of containers or microservices. By implementing zero trust privilege, Centrify minimises the attack surface, improves audit and compliance visibility, and reduces risk, complexity and costs for the modern, hybrid enterprise.

Centrify Zero Trust Privilege Services now offer the following cloud-ready capabilities to reduce risk and secure modern attack surfaces:

A Cloud-Ready Solutions Architecture built with today’s modern, hybrid enterprise in mind to avoid vault-sprawl in multi-virtual private cloud (VPC) and multi-Infrastructure-as-a-Service (IaaS) deployments. In turn, customers can easily scale their privileged access solution across multiple IaaS regions or providers without expensive operating models that include replicating and constantly syncing vault instances.

Secure Administrative Access via Distributed Jump Box to reduce the risk of introducing infections by ensuring privileged access is granted only via a clean source. To achieve this, access should only be granted through locked down, clean and distributed Server Gateways. Administrators don’t need a special workstation and can utilise their interface of choice which can include browser, native client, or thick client to access sensitive systems via a distributed local jump box.

Multi-Directory Brokering via a newly released Centrify Client to provide brokered authentication to Windows and Unix systems via support for common directories, for example Active Directory, LDAP, Google Cloud, and Centrify. Brokered authentication allows organisations to deploy workloads into the cloud while still utilising their existing enterprise directory solution, avoiding the risk of exposing that directory externally, replicating it in the cloud, or maintaining an expensive site-to-site connection.

Centrify Privileged Access Service is now SailPoint Certified, enabling joint customers to leverage SailPoint IdentityIQ for enterprise-wide provisioning, governance, and identity management processes across all users, applications and data, including those benefitting from Centrify’s Zero Trust architecture.

The old way of securing critical enterprise resources simply will not work in today’s diverse and sophisticated IT environments. Zero Trust assumes bad actors are already inside the network, hunting for privileged accounts and credentials that help them gain access to an organisation’s most critical on-premises and cloud infrastructure, as well as sensitive data. According to a recent survey of 1,000 IT decision makers, 74% of data breaches involved privileged credential abuse. Organisations must embrace a Zero Trust mandate of never trust, always verify, enforce least privilege, to minimise the risk of falling victim to a data breach.

Cloud-ready Zero Trust Privilege combines administrative password vaulting with brokering of identities, adaptive multi-factor authentication enforcement and just-in-time and just enough privilege, all while securing remote access and monitoring of all privileged sessions.

“The solutions we are announcing today take a big step forward in redefining legacy PAM to secure access to modern attack surfaces with Zero Trust Privilege,” said Tim Steinkopf, CEO of Centrify. “Many of our customers have already moved to cloud or hybrid IT environments, and our solutions are cloud-ready to support them. However, we also have customers who still need to secure privileged access to on-premises infrastructure before they are ready to move to the cloud. Centrify Zero Trust Privilege Services can meet the needs of on-premises, hybrid, or all-cloud environments with a multi-tenant architecture—so no matter where an organisation is in their cloud readiness, we have a solution that is ready for them.”


Key takeaways

  • The old way of securing critical enterprise resources simply will not work in today’s diverse and sophisticated IT environments.
  • Zero Trust assumes bad actors are already inside the network, hunting for privileged accounts that help them gain access.
  • According to a survey of 1,000 IT decision makers, 74% of data breaches involved privileged credential abuse.
  • Organisations must embrace the Zero Trust mandate of never trust, always verify, enforce least privilege, to minimise risk.
