A Leader in the 2016 Forrester PIM Wave: What It Means for IT Security Teams

Little has changed in 30 years of massive data breaches From the earliest computer hackers to today’s sophisticated cyber-criminals, little has changed in the modus operandi used to access and monetize financial data. In the TRW 1984 incident, thieves stole access codes to a credit rating database from a TRW subscriber, a Sears and Roebuck’s store in Sacramento. They proceeded to paste them to an online noticeboard, so that others with personal computers could use the stolen credit history information of 90 million Americans to commit credit card fraud. Today, privileged user’s credentials are still the preferred target for cyber…

Multi-Factor Authentication – Going for Olympic Gold

At a very basic level, we are all searching for a gold medal at the end of each day, and what companies want for their employees is a defined method of authentication so that they can master their craft and take home gold. Let’s picture for a moment that your company is the city, Rio, in Brazil, and that you have given all of your partners connections to your network for the Olympics. Not only that, everyone that has flown in will be using your Wifi for the three weeks the games are happening. AHH!!! That thought scares me, since there will be many people on your “front porch.”…

Top 3 Takeaways from Black Hat 2016

While I’ve been working in identity and access management (IAM) space since the early 1990s, this was the first year that I attended Black Hat, and it is the first year that Centrify has sponsored the event with a booth.  In preparation for it, we heard from many who had attended in the past about potential cyberattacks at the event. As a result, we made sure that everyone attending was prepared and knew what to expect based on previous reports from Black Hat events that we found including: Not Your Average Top 5 Things To Know Before Blackhat Rule 31 Black Hat…

The “Grand Slam” of Identity and Access Management (IAM) Solutions

It’s summer and the sports of tennis and golf are enjoying their “grand slam” and “major” events (e.g. Wimbledon in tennis and the British Open in golf). Which got me thinking ― is there an equivalent set of “majors” for the Identity and Access Management market? The two major independent analyst firms in the IT industry — Gartner and Forrester ― spend a lot of time in the identity space, with Gartner publishing various Magic Quadrants and Forrester with its Waves. Magic Quadrants and Waves both measure a company’s current offerings, its strategy, as well as their market presence in…

How to Secure Your Mobile Device, In an Unsafe World

You’ve seen the news headlines, “900 Million Android Devices Vulnerable!” Which, at first glance seems pretty shocking — after all, that’s roughly half of all active Android devices. If you are like me though, this kind of news is becoming all too normal. It seems there is always some new hack, exploit or vulnerability. Before this, it was Stagefright – the vulnerability where an attacker could gain control of your device with just an MMS message. When it comes to mobile devices, there is a certain sensitivity. For most of us, if someone is able to gain control of our device,…

Phast and Phurious: Phishing Exploits in 2016

We live in a world of constant cyber attacks. Every day I talk to IT security teams, CISOs, CIOs, analysts, reporters and more about the nuances of how to protect against attack and how to try to stay ahead of cyber criminals. These discussions often focus on some pretty advanced attacks, which often have equally advanced solutions to fight them. We spend a lot of time on whiteboards drawing networks and highlighting vulnerabilities and we draw an inordinate amount of proxies and next gen firewalls and plain’ ol (last gen?) firewall. Companies spend a lot of money continuing to bolster…

What Pokémon Go Teaches Us About Reducing Cyber Risk in the Enterprise

Pokémon Go is all the rage with my three kids: a tween, a teen and a young adult. At first I didn’t get the appeal. I would ask them, “What is the point of Pokémon?” And, they would answer, “Daaaad, you capture Pokémon with Poké Balls and there are ultra-rare ones like the Squirtle or the Mewtwo and you get berries and level them …(I sorta glaze over at this point).” Am I just being curmudgeonly (and, can you be curmudgeonly in your forties?), or could my kids break it down for me in a way that I would more easily relate…

Misuse of Privileged Credentials Now Involved in 80% of Data Breaches

Recently the respected analyst firm Forrester released its “Wave” for the privileged identity management (PIM) market. Centrify is quite proud to be recognized as a leader in the Forrester Wave (in fact we are the “furthest to the right”), and you can request a complimentary copy of the report here and see our analysis of the report here. But, what really jumped out at me was that the report documented how pervasive the misuse of privileged credentials are in data breaches. In this blog I will discuss what PIM is, what are some of the key findings of the Forrester report…

Centrify Brings Secure Identity Data to the Open Network Insight Project

Centrify has been working with Cloudera for years around our many joint customers and a partnership embracing the product strengths of both companies. Building on this foundation, Cloudera and Centrify today announced that Centrify has joined the Open Network Insight (ONI) project. ONI is an open source, Apache 2.0 licensed cybersecurity project that leverages big data and machine learning to detect advanced threats. ONI provides an open data model for Network, and with the addition of Centrify to the project will be extended to include identity. By extending ONI’s open data model into identity, Centrify is allowing users to centralize identity and…