Centrify Delivers Federated Privileged Access Service to Protect Enterprises with Outsourced IT

Centrify_150Yesterday, Centrify, a provider of Identity and Access Managment (IAM) and Privileged Identity Management (PIM) solutions, announced a major advancement in its Privileged Identity Management solution.

Centrify is now the first vendor in the industry to support federated privileged access across an organization’s entire security eco-system, including secure outsourcing of IT and application development.  The solution is designed for an enterprise’s hybrid IT environment of cloud, mobile and on-premises and leverages the Centrify Identity Platform. Coupled with other major new features such as application-to-application password management (AAPM) and multi-factor authentication (MFA) for servers, Centrify claims that it’s Privileged Identity Management solution “reduces an enterprise’s attack surface and enables continuous compliance.”

According to Gartner, IT outsourcing will be a $335 billion industry by 2019. In addition, according to a December 2015 commissioned study conducted by Forrester Consulting on behalf of Centrify, 100 percent of organizations surveyed are outsourcing at least one IT function and at least one application development function.

“As more of today’s businesses outsource functions such as IT administration and rely on vendors to troubleshoot systems and applications, the need to govern and secure privileged sessions grows dramatically,” said Tom Kemp, CEO and co-founder of Centrify. “Given that compromised credentials are the leading attack vector in data breaches, and that many of the high profile breaches involved third party access, Centrify’s federated privileged access for third parties reduces an organization’s identity-related risk.”

Traditional privileged identity management solutions require organizations to create and manage identities for outsourced IT administrators within their internal environment and grant VPN access. This increases risk as the number of privileged accounts disconnected from an authoritative identity provider grows and more laptops establish VPN connections to internal networks.  The result is an expansion of potential attack points for hackers, disgruntled insiders and malware. By using their solution, Centrify believes that an organization can reduce this risk by enabling secure remote access for outsourced IT administrators and outsourced developers to its infrastructure through federated authentication.

The outsourcing service retains management of their employee identities, and the customer organization uses Centrify to grant web-based access and privilege for systems and applications.  Privileged access is governed through request and approval workflows, monitoring with optional termination of privileged sessions and reconciliation of approved access versus actual access to critical infrastructure.  The solution supports businesses outsourcing to more than one service organization while ensuring identity lifecycle management for outsourced IT administrators and developers remains with their employer, including the disabling of their enterprise identity upon employment termination.

You can download the Forrester Wave: Privileged Identity Management Q3 2016 and the Gartner Best Practices for Privileged Access Management Report courtesy of Centrify.

 

Jeff Edwards
Follow Jeff