What is Adaptive Authentication?

Adaptive Authentication: Why Should You Care? Before going into what adaptive authentication is I want to answer why you should care first. In today’s IT world, relying on a simple username and password authentication is not enough to protect critical business data and systems against the growing number of sophisticated cyber attacks. Just do a quick search online or have a look at one of my previous blogs, “How Much Does It Cost to Protect an Organization from Cybercrime?” to get an idea of how expensive a hack can be and how sophisticated attacks have become. That ever-growing number of…

SPI: Centrify Professional Services are “Best of the Best”

Today, leading technology services research firm SPI named Centrify a 2017 Best-of-the-Best professional services organization. We were among 21 selected from a field of over 400 companies. SPI is a global research, consulting and training company that helps professional service organizations improve profit and productivity. The company’s PS Maturity Model™ planning and management framework has become the industry standard for service organizations. According to SPI, a key characteristic shared by this year’s winners was something Centrify genuinely strives for: A unique, employee-centric culture in an ethical work environment focused on customer satisfaction. It’s not easy to build, but it is…

Confronting the New Cyber Security Reality: Part 1

During the peak of the 2016 U.S. presidential election cycle, two groups of hackers accessed the Democratic National Convention servers. The leak made public emails detailing the DNC’s interactions with the media, both primary candidates’ campaigns and campaign contributions, and personal information about DNC donors, including credit card and Social Security numbers. This historical breach will forever be known for its impact on the 2016 Presidential election. Recently, we’ve seen the frequency of breaches like the DNC attack skyrocket—and no organization is safe. Over the past two years, sixty-six percent of organizations report experiencing five or more breaches, according to…

What’s Next from Google Cloud: Scenes from Google Next

Google Cloud last week had their big event in San Francisco, gathering Partners, customers and Googlers alike to talk about Google Cloud and its bright future. Centrify was proud to sponsor this event, and we had a presence in the Partner Playground, which allowed us to visit with hundreds of Google Next attendees to understand what they were doing with Google Cloud. Of course we spoke with Centrify customers, Google customers and some prospective customers, but interestingly, most of these conversations were with those who are already using software as a service (SaaS) or identity as a service (IDaaS) today….

Researchers: Action Required to Protect Against IoT Threats

Recently, Pwnie Express researchers released their third annual report on the wired, wireless, Bluetooth, IoT and BYOD challenges facing IT security professionals. It’s not your typical study. These researchers combine a survey of hundreds of IT security pros with “on-the-ground” data captured from Pwnie Express sensors, distributed across a number of businesses. This mix of human perspective and real-world data offers a more accurate picture of what’s really going on out there. This year’s report had some interesting findings that I wanted to point out. If you have time to read the report — and I recommend it — you…

More Thoughts on Vendor Consolidation in the Security Market

In my last blog post, I discussed a new major trend in the security market, which is that security buyers are increasingly looking to consolidate vendors and want more of a platform approach to security versus stitching together point solutions. Besides hearing this directly from customers over the last few months, I documented in the blog how two different analysts, who were both doing comprehensive security customer surveys, both independently found that around “70% of enterprise security buyers are consolidating vendors.”  In this blog post I want to further elaborate on this trend and share some additional data points that…

It’s About Time (For Compliance with PCI DSS 3.2) — Are You Ready?

2017 hit the ground running in a fast and furious way, for obvious reasons. But wait a second — it’s suddenly March?!? Events and deadlines that seemed far into the future are suddenly right around the corner, with less time than you thought to cover everything in that intricate plan. Oh, if only time machines really did exist. One critical deadline on the near horizon applies to businesses who work with payment cards — merchants, financial institutions, point-of-sale vendors and developers who create and operate infrastructure that processes payments. And every one of those businesses needs to pay attention to…

How to Stop the Breach in a Hybrid Enterprise

Has your enterprise experienced a data breach in the past two years? If so, it’s time for a wake-up call. In fact, 66% of organizations reported falling victim to a breach an average of five or more times during that time span. The security status quo is a slippery slope. Enterprise networks have expanded beyond the well-defined boundaries that used to protect our important assets from falling into the wrong hands and a new security reality has set in. Traditional security methods can’t protect your organization from breaches, and failure to recognize this new reality leaves your business at risk…

Mobile World Congress 2017: It’s Not About the Phones Anymore

I’m here at Mobile World Congress 2017, and of course all the big names have new phones, but we expect that now. This year the theme is decidedly more about the future. Every year MWC has a theme, which is usually some sort of catchy marketing phrase. However, this year the theme is “The Next Element,” and I think it fits. Things like 5G connected cars, drones, VR and IoT are the showcase of many of the companies here. This is all great, and I like the progress the industry has made in just the last year. However, for me being…

Centrify Renews Commitment to Federal Information Processing Standards

The new release of Centrify Server Suite (CSS) 2017 contains an updated version of the Centrify Cryptographic Module, which provides the cryptographic services used within the suite. Just as we did with the previous version, this new crypto module has also received FIPS 140-2 validation, and its certificate #2844 has been posted on the NIST validation list. The Federal Information Processing Standard (FIPS) Publication 140-2 is a standard set by the US Government to approve cryptographic modules, and all software used within federal networks that perform encryption are required to be FIPS 140-2 validated. Centrify has hundreds of federal customers…