11 April,19 at 11:50 AM
In case you hadn't heard, we will be upgrading our platform (Centrify Identity Service and Centrify Privilege Service) to version 17.5 this weekend (Saturday, June 3rd). The complete list of new features is available in the release notes, but as always I will tell you about my favorites here:
New UI
17.5 is a milestone release for us as it consolidates the User Interfaces for the 2 component products in the platform! With this release, the UI for the "Privilege Manager" has been moved to the Admin Portal. To accommodate this change (and the addition for many more tabs), we have moved from a horizontal menu to a vertical one. Let me point out a few additional features of this new UI:
On the User Portal side, we have kept the horizontal navigation, but we've refreshed the portal to align with the new UI.
If you'd like to see more of a sneak peak at the new UI, please refer to this video.
New Security Features
We've also added a couple of cool new security features:
Note: devices are considered managed if: (i) the device is under management by Centrify, or (ii) a known trusted certificate is on the device (known by being uploaded to the tenant as a trusted CA – under Settings > Authentication > Certificate Authorities).
Admins can enable this feature in the Admin Portal by going to Settings > Authentication > Security Settings.
Local Administrator Account Password Management for Macs
If your organization uses Macs, you will love this last feature! If you're like most organizations you use the same admin account on all of your Macs. Of course your users only have access to their personal user account but the administrative account on the endpoint is there and likely the same across all of your endpoints. You try to keep access to that password limited but over time the threat vector expands as you have more endpoints using the same password, you have turnover in your IT department and you occasionally need to provide end users with access to that Admin account.
In an ideal world, you would use different passwords for each endpoint, your admins / end users wouldn't know those passwords (but would be able to access the accountwhen needed) and the passwords would get automatically updated for you. This feature makes that ideal world a reality by leveraging Centrify's Mac management capabilities in conjunction with our Privilege Service! Centrify can now manage the local accounts for your Macs, change the passwords on a regular basis and control who can access those accounts!
Customers of Centrify Identity Service and Centrify Privilege Service can enable this feature by setting the policies under Policies > Mobile Device Policies > OS X Settings > Manage Local Admin Account.
We hope you like these new features and look forward to hearing your feedback!