UPDATED 08:30 EDT / JANUARY 12 2016

NEWS

Centrify tackles IT outsourcing security risks with new access controls

As the complexity of enterprise technology infrastructure continues to increase, so does the number of outsourced personnel CIOs are bringing aboard to support their operations. The trend is opening a new channel of attack for hackers that Centrify Inc. hopes to close with the latest iteration of its cloud-based login manager that was announced this morning. The service acts as a buffer between external workers and the sensitive systems they are tasked with maintaining.

An organization’s internal security staff can configure Centrify Privileged Identity Management to restrict what parts of its infrastructure are accessible by a contractor based on their role. That way, outsourced talent like, say, remote developers, may be limited to using only the servers set aside for the application project they were hired to complete. The service is able to similarly curb the scope of permitted activities on that hardware in a manner that reduces the potential for abuse without hindering worker productivity, according to the firm.

If a contractor has to perform some special action that necessities broader access than what the client organization’s default configurations allow, they can to ask for extra permissions through a purpose-built communications mechanism in Centrify’s online login portal. The security administrator on the receiving end may choose to refuse the request if they detect signs of malicious activity, or, in the event nothing is out of order, set time limits on the additional account privileges to ensure they are not used for anything other than the stated purpose.

The feature removes the need to grant advanced access permissions on a permanent basis to outsourced workers who only require they periodically, thereby drastically reducing the potential damage from an account breach. The new iteration of Centrify’s service enables organizations to further limit the amount of havoc hackers can wreck with a multifactor authentication mechanism capable of blocking malicious login attempts that employ stolen credentials. Rounding out the value proposition is reporting functionality that makes it easier for administrators to pick up on such incidents and report them to their superiors.

Image via Pixelcreatures

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU