An inside look at enterprise

IT requests and solutions

MIGRATING TO THE CLOUD

INTRODUCTION

The following IT department requests explain each consideration

and the accompanying rationale. Find out which type of privileged

access security solution is recommended for a hybrid infrastructure.

Embracing the cloud presents new

considerations for companies who

need to secure privileged access

IT REQUEST#1

Security for anything not covered by the cloud provider.

IT REQUEST:

Rationale:

Amazon Web Services (AWS) provides robust

“security of the cloud” for infrastructure and hosting

services, but their Shared Responsibility Model makes

it clear that businesses are accountable for “security

in the cloud”. Securing operating systems, platforms,

and data remain our company’s responsibility.

Security Process Technology

AutomationSpeed

SOLUTION: Mitigate risks in the cloud with

a single platform that can control access,

enforce MFA, and manage privilege while

auditing all privileged activity.

By 2018, the

60%of enterprises that implement the

right cloud visibility and control

tools will face 1/3 fewer failures

than companies that don’t.

Gartner Study

IT REQUEST#1

IT REQUEST#2

Security Process Technology

IT REQUEST:

Rationale:

A new approach to secure our IaaS workloads.

A cloud infrastructure is a completely different

world than our on-premises environment and

will require an entirely new security model.

AutomationSpeed

SOLUTION: Rather than start over, leverage

your existing on-premises processes and

security model in an IaaS environment. The

AWS security best practices recommend that

“conventional security and compliance concepts

still apply in the cloud”. Centrify agrees.

53%of decision-makers prefer to

manage privileged identity

and access management

through a single platformForrester, Stop the Breach, 2017

IT REQUEST#2

IT REQUEST#3

A new identity infrastructure on AWS to maintain security in the cloud.

IT REQUEST:

Rationale:

Locking down privileged access in an IaaS

environment requires a new and different identity

infrastructure and new cloud identities.

Security Process Technology

AutomationSpeed

SOLUTION: Brokering identities enables customers to extend their choice of directory

services (Active Directory, LDAP or cloud

directories) to secure privileged access to

AWS instances without creating new identities.

58%of users admitted to sharing

credentials for commercial cloud

services, and 1 in 10 shared their credentials with people

outside their organization

2016 Global Software Survey, BSA | The

Software Alliance in partnership with IDC

IT REQUEST#3

IT REQUEST#4

Guidance on how to adopt cloud securely without sacrificing business agility.

IT REQUEST:

Rationale:

In order to remain compliant and

secure, we will have to factor extra time

into our cloud migration plan.

Security Process Technology

AutomationSpeed

SOLUTION: A single platform that implements

and extends AWS IAM best practices, as well as

step-by-step guidance on controlling privileged

access in the hybrid cloud makes it faster

and easier to securely migrate to AWS.

IT REQUEST#4

91%of mature Identity and Access

Management (IAM) companies have

an integrated platform in place rather

than point solutions

Forrester/Centrify

IT REQUEST#5

Automation tools and flexible deployment

IT REQUEST:

Rationale:

AWS environments are elastic and need

automated security. The solution needs to

secure privileged access to elastic hybrid

cloud and on-premises environments.

Security Process Technology

AutomationSpeed

SOLUTION: Complete automation through

deployment tools and scripts makes it easy

to secure access to servers and take their

privileged accounts under management.

While flexible solution deployment options

simplify privileged access security in hybrid

IT environments through PIM-as-a-service, or

dedicated instances in your private cloud or

on-premises.

66%of organizations still rely on

manual methods to manage

privileged accounts

Forrester Research’s Q3 2016

Wave report on PIM

IT REQUEST#5

CONCLUSIONCentrify Identity Services reduce the risk of

a data breach by minimizing the attack surface,

controlling privilege and auditing everything.

A single platform enables your company to

leverage and extend the same core security

best practices you apply to your on-premises

environment in the cloud.

Find out the realities of migrating securely to

a hybrid environment in our new eBook 5 Myths about Privileged Access Security for AWS.

Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognized leader

in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform

to secure every user’s access to apps and infrastructure in today’s boundaryless hybrid enterprise

through the power of identity services.

This is the Next Dimension of Security in the Age of Access.

Founded in 2004, Centrify is enabling over 5,000 customers, including over half the Fortune

50, to defend their organizations. Centrify is a privately held company based in Santa Clara,

California. To learn more visit www.centrify.com.

The Breach Stops Here.