Centrify, which specializes in securing enterprise identities against cyber threats, announced an upgrade to its Privileged Identity Management solution, which now supports federated privileged access across an organization’s security eco-system, including secure outsourcing of IT and application development.
The solution is designed for an enterprise’s hybrid IT environment of cloud, mobile and on-premises systems, and leverages the Centrify Identity Platform.
The update is coupled with other new features such as application-to-application password management (AAPM) and multi-factor authentication (MFA) for servers.
"We heard from several of our customers that they use outsourced IT support, as well as application development, and that managing identities and access is a challenge," David McNeely, vice president of product strategy at Centrify, told eWEEK. "We commissioned a study by Forrester, which found that 100 percent of respondents reported to be using at least one outsourced IT and one outsourced application development."
He explained that several of the recent high profile data breaches can be directly linked to outsourced third-party organizations with VPN connectivity, Centrify wanted to help their customers by addressing this issue using both federated authentication for the outsourced third party organizations, as well as Web-based secure remote access that doesn’t require VPN connectivity.
Federated Privileged Access enables organizations to set up a trusted relationship with their outsourcers while also protecting against cyber threats.
According to a report from IT research firm Gartner, IT outsourcing will be a $335 billion industry by 2019.
Centrify said organizations can reduce risk by enabling secure remote access for outsourced IT administrators and outsourced developers to its infrastructure through federated authentication.
The outsourcing service retains management of their employee identities, and the customer organization uses Centrify to grant Web-based access and privilege for systems and applications.
Privileged access is governed through request and approval workflows, monitoring with optional termination of privileged sessions and reconciliation of approved access versus actual access to critical infrastructure.
"Our cloud service enables us to terminate external user connections at the cloud and then grant terminal access within the browser after federated authentication," McNeely said. "This means that the cloud will authenticate the third- party outsourced IT vendor employee before they are granted access to the portal. Then we control which resources they can access, but then only grant that access through our application layer connectivity so that there is no need to establish a VPN connection, which stops any malware that might be on the vendor’s computers from establishing a foothold within the enterprise."