Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

PrivX™ On-Demand Access Manager

Next Generation privileged access for the cloud. No passwords, no password rotation, no vaults, no secrets, no complex deployment project.

Why traditional PAM is failing in the cloud

Cloud applications are elastic, scalable, and dynamic. Traditional privileged access management (PAM) was designed for static physical servers in much smaller environments.

At its heart, traditional PAM is based on password vaulting and automatic password rotation. It requires complex infrastructure, with some larger organizations needing a hundred vaults to meet their environment's needs. Vaults become a single point of failure. It is expensive and difficult to deploy. Instead of the solution working for the users, users need to change how they work. Many PAM products available on the market require agents to be installed on servers and/or special client software installed on user desktops. These agents and clients need to be patched and kept up to date. All of this makes deploying, maintaining, and using traditional PAM a burden, massively expensive, and horribly complex. So complex that large consulting houses have built major practices just around those projects.

Traditional PAM just doesn't provide the agility one needs in the cloud and doesn't handle elastic services well at all. In fact, it doesn't handle traditional legacy infrastructure very well. Projects are complex, expensive, and customers are not happy.

Many large organizations change millions of passwords every day. There has to be a better architecture for access control.

Next generation privileged access management

Hackers typically spread in organizations by stealing credentials - passwords and keys. Just recently, leaked CIA hacking tools were stealing passwords and SSH keys. The real solution to building resiliency is to get rid of passwords and long-term SSH keys on servers entirely.

PrivX On-Demand Access Manager is the next generation, lightweight PAM solution. It is designed to be completely different: it works without any permanent access credentials on servers, using only short-term temporary credentials that are created on demand. There are no passwords to rotate, no vaults needing to store them, and no software that needs to be installed and patched on individual servers. End users simply use their web browser as the client. A very fast and straightforward deployment project. Unlimited scalability.

Benefits of PrivX On-Demand Access Manager

  • Get privileged access management deployed much faster and at lower cost and risk.
  • Scale to cloud services while getting the same benefits with legacy infrastructure.
  • Avoid the complicated and problem-prone password rotation and password vaulting deployments and their maintenance.
  • Avoid multi-year consulting projects just to deploy the product. Instead, deploy in days or weeks, even in large environments.
  • Have happier and more productive employees.

In the end, PrivX On-Demand Access Manager is simply faster, cheaper, and easier. And future-proof.

Why you should care

Bridge the gap from legacy to future, without the traditional hassles of yesterday's PAM offerings. Organizations must still implement and deploy privileged access management for several reasons:

  • Most cybercrime is perpetrated by insiders.
  • Hackers routinely gain access and infiltrate organizations by obtaining privileged credentials.
  • Monitoring and analytics are critical for detecting breaches.
  • Regulatory compliance and cybersecurity best practice mandate controlling privileged access.

How PrivX works

With PrivX, the user authenticates to a gateway using Active Directory credentials, two-factor authentication, or single sign-on. The gateway issues short-lives certificates to the user based on policy rules. The certificates are used to access accounts on servers. Passwords can be entirely eliminated from servers and there is no need for password vaults or password rotation.

Read the details of how PrivX works.

privx-on-demand-access-manager-architecture.png

Request more information