Centrify Perspective

Centrify Perspective

As a leader in unified identity management, Centrify offers helpful information for organizations to enable greater user productivity, improved IT efficiency, better regulatory compliance and lower TCO of their identity infrastructure.


By , May 23, 2017

The Continuous Diagnostics and Mitigation (CDM) Task Order for CREDMGMT provides guidance and tools to federal civilian agencies to fulfill the Manage Credentials and Authentication (CRED) Function. This functional area is designed to prevent the binding of credentials the use of credentials by anyone other than the rightful owner (person or service). The approved tools provide careful management of credentials, preventing attackers from using hijacked credentials to gain unauthorized control of resources, especially administrative rights. The CRED capability ensures that account credentials are assigned to, and used by, authorized people or services. This solution relies on the results of the…

By , May 22, 2017

The volume and frequency of data breaches seem to have hit a new high in recent months. But away from the sensational headlines, do we really know what the impact of such incidents can be on the victim organisation’s reputation and bottom line? Centrify recently commissioned the Ponemon Institute to shine a light on exactly this area — interviewing CMOs, IT practitioners and customers — and uncovered some fascinating findings. Not only do UK firms on average see a lasting share price slump of 5% following a breach, but many IT and marketing professionals are profoundly divided –from each other…

By , May 17, 2017

Last time, I wrote about adaptive authentication and briefly touched on behavior analytics being an integral part of adaptive authentication. For true behavior analytics, you need some smart AI powered multi-factor authentication (MFA). Now, if you think about it and put the pieces of the puzzle together you might be able to kill passwords altogether. Wouldn’t that be nice? You no longer need to remember any passwords and all you need is access to one of your MFA tools when authenticating. With the increased use of smart phones and other devices for MFA, businesses now more than ever have the…

By , April 26, 2017

A recent Forrester study examined four levels of identity and access management (IAM) maturity and found a direct correlation between the number of privileged identity management (PIM) best practices implemented and the number of security incidents encountered by an organization. Wait, Isn’t Privileged Identity Management == Password Vault? Nope. Centrally controlling shared access to non-human accounts and automating periodic password rotation for shared accounts reduces risk, no doubt. This is a critical component when minimizing your attack surface and will make it harder for hackers to get in to your environment (initial compromise) — it is a best practice. However,…

By , April 20, 2017

Recently, Illinois Governor Bruce Rauner unveiled a broad-based cyber security plan. He announced the framework of his team’s plan for better cyber security, but it only covers the executive branch agencies. This approach of only implementing a plan to provide cyber security tools to select areas and users because they are deemed more important is known as a “privileged user.” This is only a partial solution because everyone in the organization is a “super user” in today’s technology driven organizations — everyone has a need to access technology that contains some level of meaningful information. All technology in organizations are…

By , April 19, 2017

When our baby first started crawling, we installed gates in all the doorways.  This kept her in safe, baby proofed areas.  We didn’t have to worry about her accidently wandering into a room and getting into something that could harm her.  It also allowed us to keep some things “nice” that a toddler would normally want to “play” with. Controlling Access for Security Best Practices But, what does this have to do with role-based access control (RBAC)?  Well everything.  As she grows and gains more skills, we adjust her access to the house.  It might be low tech, but it…

By , April 5, 2017

A few weeks ago, the Wall Street Journal ran a story about a laundromat in Carbondale, Colorado that was infected with the Mirai internet virus. Unbeknownst to the business owner, an internet-connected video recorder had been infected and was scanning the web for places to spread itself. The only sign that something was amiss was the fact that the device was regularly acting up — disconnecting the remote viewing app and forcing the owner to reconnect it by restarting the digital video recorder. While the story didn’t reveal any new developments, it does serve as an important reminder that malware…

By , March 29, 2017

Few managers would throw their employee the keys to a big rig with two loaded trailers to pick up a pint of milk from a nearby convenience store. Apart from the problem of parking, the vehicle is massively over-specced for the job at hand, which creates unnecessary safety risks, both to the driver and to other road users. However, this is essentially what occurs each day in businesses around the world as employees are given access to privileged computer accounts that massively exceed the needs of their jobs. The result is often devastating in terms of corporate security with many…

By , March 20, 2017

Adaptive Authentication: Why Should You Care? Before going into what adaptive authentication is I want to answer why you should care first. In today’s IT world, relying on a simple username and password authentication is not enough to protect critical business data and systems against the growing number of sophisticated cyber attacks. Just do a quick search online or have a look at one of my previous blogs, “How Much Does It Cost to Protect an Organization from Cybercrime?” to get an idea of how expensive a hack can be and how sophisticated attacks have become. That ever-growing number of…

By , March 15, 2017

Today, leading technology services research firm SPI named Centrify a 2017 Best-of-the-Best professional services organization. We were among 21 selected from a field of over 400 companies. SPI is a global research, consulting and training company that helps professional service organizations improve profit and productivity. The company’s PS Maturity Model™ planning and management framework has become the industry standard for service organizations. According to SPI, a key characteristic shared by this year’s winners was something Centrify genuinely strives for: A unique, employee-centric culture in an ethical work environment focused on customer satisfaction. It’s not easy to build, but it is…