Story image

ThycoticCentrify builds on vision for modern PAM with latest integration

By Catherine Knowles, Tue 9 Nov 2021

ThycoticCentrify has leveraged the ThycoticCentrify platform to integrate with Secret Server, its privileged account and session management solution.

The combination avails Secret Server customers to a range of SaaS services, establishing the foundation of modern PAM strategies and centralising access and visibility to credentials for faster time to access, risk identification and resolution, the company states.

Customers now have access to credentials vaulted in multiple Secret Server instances from a single portal.

In addition, Secret Server can now consume platform capabilities such as enhanced remote access with VPN-less login and extensive second factors for multi-factor authentication (MFA).

With the 21.7 release of its Cloud Suite product, ThycoticCentrify also delivers centralised, fine-grained control of access and privilege for Windows and Linux servers.

With PAM policies centrally managed in the platform, organisations can scope varying degrees of privileged access that better align with job functions, allowing administrators to elevate permissions, just in time, to run privileged applications or commands.

Unless their identity is consistent, when users log in to different Linux systems, mount central file shares, and create files and folders, the file system can deny access, affecting productivity, the company states.

In the 21.7 release, when a user with a Linux profile defined in the platform logs into a Linux server, Cloud Suite ensures their correct profile attributes are associated with the session.

The clients on the host systems perform user identifier and group identifier rationalisation and preserve this across user sessions. Resource access is assured, avoiding a disruption in usage, according to the company.

In addition, ThycoticCentrify has also extended the MFA redirection capabilities of Cloud Suite. Privileged users can now perform additional authentication on behalf of another user, such as alternate-admin or dash-A accounts.

With MFA redirection, second factors of authentication only need to be configured on the main user's account. They will then be applied when using any alternate administrative accounts and an MFA policy is triggered.

For example, system administrators may have a primary low-privilege account for routine tasks such as email and web surfing, and additional alternate-admin or dash-a accounts used for privileged tasks.

MFA redirection previously supported Centrify's mobile app as the only second factor. The new feature extends this capability to all second factors supported by the platform.

According to the company, benefits include reduced second-factor maintenance for administrators, as well as for applications using service accounts that require additional proof of legitimacy from a human.

ThycoticCentrify chief technology officer David McNeely says, “Our platform is the foundational layer that connects ThycoticCentrify's core vaulting and privilege elevation solutions, leveraging the similar cloud architectures of each to deliver new insights and value for modern, hybrid enterprises.

"Centralising access empowers security and IT teams to quickly access a range of accounts across multiple vaults, whether optimising day-to-day operations or during time-critical instances such as active cyber attacks.”

Recent stories
More stories