SalesTech Star

ThycoticCentrify Modernizes Just-in-Time Privilege Elevation with Newest Release of Server Suite

Privacy and RegulationsIdentity Management
By STS News Desk
ThycoticCentrify Momentum Delivers Exceptional Q2 Results, with Year-Over-Year Sales and Customer Growth During Key Integration Period

Enhanced industry-leading privilege elevation platform leverages the power of the Centrify Client to ensure just-in-time access for time-critical activities

ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of privileged access management (PAM) leaders Thycotic and Centrify, today announced its newest update to Server Suite, including new capabilities that optimize just-in-time (JIT) privilege elevation workflows via the Centrify platform dynamically updating the Centrify Client. The latest version of the company’s flagship privilege elevation and delegation management (PEDM) solution now includes session audit data masking capabilities for UNIX to reduce the risk of exposing potentially sensitive or highly restricted data.

Read More: SalesTechStar Interview With Mary Shea, VP, Global Innovation Evangelist At Outreach

The principle of least privilege is recognized as an essential PAM best practice to support Zero Trust and zero standing privileges. When administrative tasks such as a system outage or a breach investigation require additional access, time is of the essence. However, while Active Directory (AD) has demonstrated its value as a central role management platform for over a decade, propagation of updated roles to endpoints can take hours, with potentially catastrophic repercussions.

With release 2021, Server Suite overcomes this issue by simultaneously updating AD and Centrify Client privilege policies through a mutually authenticated communication channel from the platform. As soon as access has been approved for the administrator, the local Client can enforce the updated policies, allowing the user to immediately login and elevate privilege as required to investigate and remediate. Thus, access is granted and available just-in-time, without compromising least privilege. This capability is only possible because of Server Suite’s client-based architecture, which can also enforce more advanced PAM capabilities such as real-time password reconciliation, delegated machine credentials, and brokered authentication.

“The pace of cyber-attacks is increasing, and that means administrators need to move faster to update and secure resources while still having controls in place that enforce least privilege,” said David McNeely, Chief Technology Officer at ThycoticCentrify. “In the newest version of Server Suite, we are simplifying just-in-time privileged access by removing extra steps, enabling organizations to adopt a ‘zero standing privileges’ security model by eliminating role-based assignments of privileged access rights. Our lightweight client and PAM platform establish a root of trust between all privileged identities, whether human or machine, to better distinguish between friend and foe and reduce risk.”

Server Suite’s Audit & Monitoring Service also includes new capabilities designed to limit exposure of passwords or other sensitive events captured in audit logs. Data masking for UNIX solves a critical challenge for highly regulated industries where data at rest can often be visible or, for example, when audit data is forwarded to a third-party event management tool such as Splunk®. Now, sensitive data in log files is masked on the server, so the original data is never exposed. Server Suite has also added auditing features, such as customization for prompts (including languages), audit reporting status to AD, and improved CPU utilization on Windows 10.

Other enhancements for multi-factor authentication (MFA) and chipset support include:

  • Silent authentication for duplicate Radius password prompts after MFA
  • Grace period control for both console and remote desktop protocol (RDP) sessions
  • Support for M1 chip for MacOS
  • DirectControl support for AMD ARM processor architecture (aarch64)
  • Support for smartcard authentication with AD user certificates to Ubuntu workstations

Read More: LogicMonitor Strengthens Partner Network Through Addition Of 13 Value-Added Resellers Across North…

Write in to psen@itechseries.com to learn more about our exclusive editorial packages and programs.

Continue Reading
STS News Desk 49030 posts 0 comments

The STS news desk represents a team of tech journalists who coordinate trending stories and breaking news on behalf of the SalesTechStar newsroom.

You might also like More from author
Brought to you by
For Sales, write to: contact@martechseries.com
Copyright © 2024- SalesTechStar. All Rights Reserved. Website Design:SalesTechStar | Privacy Policy
To repurpose or use any of the content or material on this and our sister sites, explicit written permission needs to be sought.