Privilege Elevation

Grant Just Enough Privilege Across Windows, Linux and UNIX

A flexible, fine-grained privilege elevation service lets your users get work done, reduces risk and makes implementing a just-in-time, least-privilege model easy with role-based access controls.

Least privileged model, what is privilege management?

A Single Source of Identity Makes Assigning, Changing and Auditing Privileges Easy


Reduce the risk of attack through individuals with too much privilege. Implementing least-privilege access limits potential damage from security breaches


Increase security and accountability by having fewer shared accounts and vaulted credentials. Easily assign or revoke privileges for users across Windows, Linux and UNIX systems


Realize operational efficiencies through integrated authorization, authentication and audit that leverages existing investments in Active Directory


Prove compliance with regulations and industry mandates to auditors with a single view into the control and security of user privileges


Ensure all privileged activity is tied to an individual. Users log in as themselves, seamlessly elevate privilege and all activity is audited


Enable just-in-time privilege by requiring workflow-based management approvals for credential checkouts, privileged sessions and privileged roles

Role-based Access Controls Make Least-privilege Easy

Least-privilege access gives you strong controls over your users’ privilege and reduces your risk from a range of threats. Centrify’s patented Zones technology provides highly granular, role-based access controls that simplify the implementation of a least-privilege model across Windows, Linux and UNIX systems.

Learn More
RBAC makes least privilege easy

Self-service Role Requests for Just-in-time Privilege

Minimize security risk by enabling administrators to systematically request a new role to obtain the rights they need to perform tasks. Access Request for Privileged Roles enables organizations to grant long-lived or temporary privileges and roles with a flexible, just-in-time model that accommodates fluctuating business needs.

Learn More
self service role requests for just in time privilege

Seamless Privilege Elevation with Dynamic Access Restrictions

Secure your Windows, Linux and UNIX systems by controlling exactly who can access what and when. Unlike de-centralized single-purpose tools like sudo, Centrify enables the configuration of dynamic privileges so that users can only elevate privilege at specific times, for a length of time and on certain servers. You can also isolate servers based on time and trust relationships to further protect sensitive data.

Learn More

Powerful Tools Automate Privilege Creation and Assignment

Centrify provides a powerful set of tools to simplify adoption and management of a least-privilege access model. Privilege Elevation Service includes tools and APIs to assess identity-related risk, assign pre-defined roles and rights, import existing sudo files, automate the creation of new roles and rights, create reports and meet audit requirements.

Learn More

Centrify White Paper

Best Practices for Privileged Identity Management in the Modern Enterprise

This white paper examines trends and formulates best practices for managing risks in the areas of identity consolidation, privileged session management, SuperUser privilege management, shared account password management, and secure vpn-less remote access.