Posts by David McNeely

David McNeely is VP of Product Strategy at Centrify Corporation.


It's All About Identity

Changing the Game: Simplified Authentication to IaaS

By , December 1, 2016

I am pleased to introduce the Identity Broker capability of the Centrify Privilege Service. Identity Broker for Linux enables a new paradigm in user authentication to Linux systems, which seamlessly integrates your choice of directory service, including Active Directory, LDAP directories or cloud directories such as Google G Suite Directory. This is a significant advancement in Centrify’s identity consolidation capabilities and delivers freedom of choice when deciding where to store your identities. For 12+ years, Centrify has focused on delivering some of the best possible integration of Linux servers into Active Directory. Our customers are successfully securing identity, authentication and privilege across…

Centrify Perspective

Top 3 Takeaways from Black Hat 2016

By , August 16, 2016

While I’ve been working in identity and access management (IAM) space since the early 1990s, this was the first year that I attended Black Hat, and it is the first year that Centrify has sponsored the event with a booth.  In preparation for it, we heard from many who had attended in the past about potential cyberattacks at the event. As a result, we made sure that everyone attending was prepared and knew what to expect based on previous reports from Black Hat events that we found including: Not Your Average Top 5 Things To Know Before Blackhat Rule 31 Black Hat…

From the Cloud

Smart Card Login to Cloud-Based Apps and Privileged Identity Management Services

By , December 18, 2015

I am excited to announce that Centrify has added Smart Card login as a core feature of our Cloud Identity Platform supporting both the Centrify Identity Service as well as the Centrify Privilege Service. Smart Cards in physical form (CAC/PIV), derived credentials, virtual smart cards as well as USB PKI Keys (such as Yubikey or SafeNet eToken Pro) can now be used to login to your agency’s personalized Centrify cloud portal for access to SaaS applications as well as privileged user access to authorized servers and networking devices. There are several reasons that our customers are asking for this capability as they…

It's All About Identity

Secure Windows Administration and Eliminate Dual Active Directory Accounts for Administrators

By , March 17, 2015

I’ve seen many environments lately where the Windows administrators have two Active Directory accounts, one that they use for their normal end user activities, such as reading email, and the other they use for any administrative duty. This creates several very real problems: a) the admin now has two different accounts with a password that he must now maintain over time, probably not a huge problem but just a pain for the admin; b) you still have to trust the admin where he will use the second admin account and hope that he doesn’t use it for normal daily activity…

It's All About Identity

Secure Identity for Hadoop @ Strata+Hadoop World 2015

By , February 24, 2015

The most interesting thing to me about Strata+Hadoop World was the stories about what everyone is doing with Hadoop or Big Data. We heard numerous stories about how data scientists are using Hadoop to analyze customer data, financial data, web site click traffic, etc. In fact, most of the people who came to the show were realizing the value of Hadoop technology, while very few were responsible for the IT infrastructure that it runs on (who we normally sell security solutions to). And the most common title at the show was Data Scientist, which got me thinking that we should have a Security…

Centrify Perspective

Mitigating Vulnerabilities Related to Unmanaged SSH Keys with Kerberos

By , October 15, 2014

SSH has become the defacto method to access UNIX and Linux computers over the network for several different use cases – from shell access or file transfers, to batch jobs that need to communicate with other computer or apps, to name a few. As with any remote access solution to a system that contains corporate data, centralized authentication and access controls are critical to ensure that only the right users can access that resource in line with the business needs. However the challenge is that SSH Server that is typically configured for remote access on nearly all UNIX and Linux systems…

Mobile Frontier

Centrify for Mac 2014.1 Integrates Cloud-based Management and Expands Smart Card Services

By , September 23, 2014

We are happy to introduce Centrify for Mac 2014.1, which builds upon our best-in-class Active Directory integration to provide users with Single Sign-on (SSO) to our catalog of more than 3000 web and SaaS Apps through integration with the Centrify Cloud Service. The integration with the Centrify Cloud Service also provides IT admins with remote management of Macs as well as the user’s mobile devices. This release also provides expanded support for Smart Cards with integrations into other popular applications such as Firefox, Thunderbird and the DoD Encryption Wizard. We built Centrify for Mac to empower Corporate IT to manage Macs…

Mobile Frontier

Solving account lockout by eliminating use of passwords by using PKI certificates

By , June 30, 2014

Have you ever been forced to change your password on your laptop only to find that you got your AD account locked about an hour later? If your company is like mine, we require our login passwords to be changed every 90 days, and what a pain that is just because we don’t allow reusing passwords, they have to be complex with mixed case and both alpha and numeric characters and at least 8 characters long, yes it could be more complex

Centrify Perspective, Mobile Frontier

Is Mobile Device Management on the verge of death?

By , June 25, 2014

Mobile Device Management (MDM) solutions are a popular way for IT organizations to secure the smart phones and tablets that their employees bring to work and want to use to access business applications and data. However the traditional MDM solution may not survive given the growing concern over user privacy as well as the coarse grained and sometimes inadequate controls they have over the device. At the same time, mobile device operating systems are evolving to provide much better security to enable better privacy controls for the user and to ensure that data stored on the device is properly protected….