The leader in securing hybrid enterprises, Centrify, through its power of identity services, has announced significant enhancements to their best-in-class privileged identity management (PIM) solution to prevent breaches which abuse the privilege. By reducing the attack surface and thus controlling privileged access to hybrid enterprise, the company’s new capabilities enable the organisations to move from static and long-lived privilege assignments to a better just-in-time model where the advanced monitoring detects and alerts in the real-time on the creation of backdoor accounts which make it easy to bypass a password vault.
Securing the privileged access in today’s hybrid enterprise is a mandatory in achieving mature risk posture. According to The Forrester Wave: the Privileged Identity Management, Q3 2016, 80 percent of breaches leverage privileged credentials to gain the access to organisation. The increasingly hybrid nature of the infrastructure, driven by adoption of cloud-based workloads, is driving need to secure the privileged access across the on-premises, public cloud and private cloud infrastructure and apps with single solution. And while most PIM solutions have been traditionally focused on vaulting those credentials for shared accounts password vaults, on-premises alone do not provide the level of privileged access security which is required to stop breach.
“The Data breaches are happening at an increasing rate and to stop them the Centrify is taking a unique approach to control the privileged access in hybrid enterprise which simplifies the implementation of the PIM best practices and strengthens an organisation’s risk posture,” said Bill Mann, chief product officer at Centrify. “By contrast, password vaults alone are not enough, best practices require organisations add and integrate point products to the vault, which leaves gaps in security and increases risk. We have closed those gaps with an integrated solution that combines password vaulting with brokering of identities, MFA enforcement and just enough privilege, all while securing remote access and monitoring all privileged sessions.”
source: itsecurityguru
