Centrify's Identity Service platform is comprised of 3 main areas that support the productivity and security posture of every organization's critical infrastructure. These focus areas are Centrify Application Services, Centrify Endpoint Services and Centrify Infrastructure Services.
With the proliferation of business apps running on multiple devices, all making demands on sensitive corporate data – the call for secure access has never been greater. Centrify Application Services addresses that need with a single sign-on (SSO) solution for all those cloud, mobile and on-premise apps with support for internal employees and external users such as partners or contractors. Rather than asking users to memorize hundreds of unique passwords or worse, a single password used hundreds of times, Centrify Application Service’s SSO requires user name and password just once to ensure secure access across every app and device. By simplifying authentication with one-click access, controlled by IT and leveraging SAML standards, departments can eliminate the use of weak and improperly stored passwords forever.
Centrify Application Services offer wizard-based or manual setup, making it quick and intuitive to apply SSO to a database of pre-configured web or mobile apps. These templates can then be used to integrate custom applications while the Infinite Apps feature enables new apps to be added without leaving the browser. On-Premises App Gateway offers secure remote access to SAP and SharePoint, alongside App Server Plugins for Active Directory account access to SAP, Apache, Java/J2EE, DB2 and Oracle. Automatically manage accounts for dictating role-based user provisions and permissions, while tracking user access via admin-level activity dashboards. Enterprise mobility and Mac management features keep devices and native apps secured, adding locking and wiping capabilities for remote machines by leveraging Active Directory Group Policy.
Centrify Endpoint Services helps prevent breaches that begin on endpoints. Customers are able to grant access to their apps and infrastructure only from trusted and secured endpoints. This simplifies management and enhances the level of security for organizations with heterogeneous endpoints. For example, Mac administrators are able to join the company's Macs to Active Directory, or any other directory, to leverage the power of GPO's. Administrators can centrally manage security policy for macs, mobile devices and applications as a result.
Included in this focus area, is adaptive MFA which includes authentication factors like mobile fingerprints, mobile push notifications, Smart Cards, OTP tokens and more. These flexible authentication factors allow users to quickly authenticate to the devices they prefer, and the apps they need.
Finally, Centrify's Infrastructure Services helps IT Security teams minimize the attack surface even more by controlling privileged access to their hybrid enterprise with identity assurance, just-in-time/just enough privilege, advanced monitoring and reporting.
Our customers with geographically dispersed infrastructure resources (on-premises and private or public cloud) and the need to leverage identities in Active Directory, LDAP or cloud directories, rely on our Identity Broker tool to facilitate a secure connection for authentication. That coupled with risk-based multi-factor authentication for IT admins who access Windows and Linux servers, elevate privilege or leverage privileged credentials, make Centrify Infrastructure Services very sticky in the marketplace. We are even able to facilitate self-service privilege elevation, that allows requests for a specified role and time period, and if approved, automatically revokes that entitlement upon expiration. This suite also offers comprehensive auditing and reporting features that identify suspicious user activity, conducts forensic investigations and proves compliance with privileged session monitoring and the auditing of shared administrative accounts.
Centrify's Infrastructure Services provides remote personnel secure privileged access to cloud and on-premise systems to carry out remote administration tasks - especially where passwords are shared. For these purposes, we offer Shared Account Password Management (SAPM) as well, which gives authorized internal users, outsourced IT and 3rd party vendors secure, always-on access to critical shared account passwords (while maintaining control over who has access, which account passwords they have access to and how those passwords are managed).
As you can see, our elaborate platform gives organizations the resources they need to strategically bolster their security posture without having to coordinate multiple vendor deployments and consider whether or not point-solution vendors can be integrated.
There are many many ways to use Centrify for identity management. From SSO to Password Vault to even some privileged account management.
Centrify is one of the priciest solutions available compared to similar products in the space. The solutions is also very complex and difficult to deploy. I have seen may issues arise during implementation. The UI also seems outdated and not as efficient as other competitors.
Likelihood to recommend
APPLICATION SERVICES - Stop Breaches That Target Apps
Centrify Application Services improves end user productivity and secures every user’s access to apps through single sign-on, multi-factor authentication and mobility management. Application Services supports internal users (employees, contractors) and external users (partners, customers).
Single Sign-On – One-click access to your cloud, mobile and on-premises apps. No more forgotten passwords, no more user confusion.
Learn more: https://www.centrify.com/products/identity-service/sso/
Adaptive MFA for App Access – A common sense approach to multi-factor authentication with risk-based policy that does not hinder end-user productivity.
Learn more: https://www.centrify.com/products/identity-service/adaptive-multi-factor-authentication/
Workflow & Lifecycle Management – Automatically route application requests, create accounts, manage entitlements within those accounts, and revoke access when necessary. Provision users across apps, all from a central control point.
Learn more: https://www.centrify.com/products/identity-service/user-provisioning/
Mobility Management – Manage devices, secure native mobile apps and provide context for smarter access decisions. Learn more: https://www.centrify.com/products/identity-service/emm/
App Gateway – Provide your IT administration teams with secure, granular access to infrastructure regardless of location and without the hassles of a VPN.
Learn more: https://www.centrify.com/products/privilege-service/secure-remote-access/
ENDPOINT SERVICES - Stop Breaches That Start on Endpoints
Grant access to apps and infrastructure only from trusted and secured endpoints. Manage and secure your heterogeneous endpoints through a single source of identity and a least privilege access model.
Mac and Mobile Device Management – Join Macs to Active Directory and manage them with Group Policy. Centrally manage security policy for Macs, mobile devices and applications.
Learn more: https://www.centrify.com/products/identity-service/mac-management/ or http://bit.ly/centrifyemm
Adaptive MFA for Endpoints – Protect endpoints with mobile fingerprints, mobile push notifications, Smart Cards, OTP tokens and more. Thanks to flexible authentication factors, users can quickly authenticate to the devices they prefer, and the apps they need.
Learn more: https://www.centrify.com/products/identity-service/adaptive-multi-factor-authentication/ or http://bit.ly/centrifymfa
App Management – Deploy thousands of built-in cloud and mobile apps instantly. Add custom apps in seconds. Simple, comprehensive single sign-on and app management.
Learn more: https://www.centrify.com/products/identity-service/app-catalog/ or http://bit.ly/centrifyapps
Endpoint Privilege Management – A flexible, highly granular privilege management solution lets your users get work done, reduces your risks and makes implementing a just-in-time, least-privilege approach easy with role-based access controls.
Learn more: https://www.centrify.com/products/server-suite/privilege-management/ or http://bit.ly/centrifyepim
Smartcard & Derived Credentials – Centrify’s derived credential solution allows mobile devices to be used for secure mobile access to apps, websites and services that require Smart Card authentication. It extends Centrify’s integration of identity-based security to mobility, offering secure single sign-on (SSO) in even the most highly regulated environments.
Learn more: https://www.centrify.com/products/identity-service/emm/derived-credentials/ or http://bit.ly/centrifycreds
INFRASTRUCTURE SERVICES - Stop Breaches That Abuse Privilege
Minimize the attack surface and control privileged access to the hybrid enterprise with identity assurance, just-in-time and just enough privilege, advanced monitoring and reporting.
Identity Broker – Enable secure access and authentication to geographically dispersed infrastructure (on-premises and private or public cloud), leveraging identities in Active Directory, LDAP or cloud directories such as Google’s.
Learn more: https://www.centrify.com/products/privilege-service/identity-broker/ or http://bit.ly/centrifybridge
Adaptive MFA for Privileged Access – Risk-based multi-factor authentication for IT admins who access Windows and Linux servers, elevate privilege or leverage privileged credentials.
Learn more: https://www.centrify.com/products/server-suite/mfa-for-privileged-access/ or http://bit.ly/centrifypmfa
Privilege Elevation – Self-service request system facilitates the request for the specified role and time period, and if approved will automatically revoke that entitlement upon expiration.
Learn more: https://www.centrify.com/products/privilege-service/privileged-access-request/ or http://bit.ly/centrifyelevatep
Shared Account Password Management – Gives authorized internal users, outsourced IT and 3rd party vendors secure, always-on access to critical shared account passwords (while maintaining control over who has access, which account passwords they have access to and how those passwords are managed).
Learn more: https://www.centrify.com/products/privilege-service/shared-password-management/ or http://bit.ly/centrifysapm
Privileged Access Request – Temporary, time-bound privileged access to on-premises and cloud-based infrastructure.
Learn more: https://www.centrify.com/products/privilege-service/privileged-access-request/ or http://bit.ly/centrifyelevatep
Secure Remote Access – Secure Privileged Access for On-Site and Remote Administration.
Learn more: https://www.centrify.com/products/privilege-service/secure-remote-access/ or http://bit.ly/centrifyremote
Auditing & Reporting – Identify suspicious user activity, conduct forensic investigations and prove compliance with privileged session monitoring and auditing of shared administrative accounts.
Learn more: https://www.centrify.com/products/privilege-service/privileged-session-monitoring/ or http://bit.ly/centrifyaudit
ANALYTICS SERVICES - Leverage Real Time Security Analytics
Compromised accounts are today’s leading cause of data breach. In this age of access, trying to build policy that keeps data secure, without stopping user productivity, requires a massive security rethink. Centrify Analytics Service — based on user behavior — stops account-based attacks. Behavior-based scoring enables a frictionless user experience that is adjusted based on risk, improving productivity — while maintaining security.
BEHAVIOR-BASED ACCESS CONTROL - Risk-aware access uses machine learning to define and enforce access policies, based on user behavior. https://www.centrify.com/resources/centrify-analytics-service/
INSIGHTS - Build custom dashboards to better understand IT risk, as well as user experience, across applications, endpoints and infrastructure. https://www.centrify.com/resources/centrify-analytics-service/
EXPLORER - Explorer offers rich tools to drill into details so that IT security and risk managers can better comprehend access and events. https://www.centrify.com/resources/centrify-analytics-service/
Below are some frequently asked questions for Identity Services.
Identity Services offers the following pricing plans:
Starting from: $4/month
Pricing model: Subscription
Free Trial: Available
Free 30-day trial
App: $4 per user, per month
App+: $8 per user, per month
Identity Services offers the following features:
Identity Services has the following typical customers:
Large Enterprises, Mid Size Business, Non Profits, Public Administrations, Small Business
Identity Services supports the following languages:
Arabic, Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, English, Finnish, French, German, Hebrew, Hungarian, Indonesian, Irish, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Russian, Spanish, Swedish, Taiwanese, Thai, Turkish, Ukrainian
Identity Services has the following pricing plans:
Identity Services supports the following devices:
Android, iPhone, iPad
Identity Services integrates with the following applications:
Absorb LMS, ITRP, Jostle, Litmos LMS, Nectir Ideas Management, PurelyHR, Samanage, Slack, Smartsheet, xMatters
Identity Services offers the following support options:
FAQs, Forum, Knowledge Base, Online Support, Video Tutorials