Thoughts from the 2017 AWS Summit in San Francisco

One of the things I love about partnering with Amazon Web Services is how often they are in front of their user community. In addition to their large, annual user conference called RE:Invent, AWS hosts several smaller regional summits throughout the year. As an APN partner, Centrify had the opportunity to participate in last week’s AWS Summit in San Francisco. We were lucky to be able to visit with a nice cross-section of AWS users — users across multiple industries, many of which were in the Fortune 1000. It was great meeting with these organizations and across the board, companies…

Ponemon 2017 Report: The Need for a New IT Security Architecture

It’s annual cybersecurity reporting season and first up in 2017 is the Ponemon Global Study, “The Need for a New IT Security Architecture” sponsored by Citrix. The study reveals global trends in IT security risks and reasons why security practices and policies need to evolve in order to deal with threats from disruptive technologies, cybercrime and compliance. Changes in the workplace and problems managing IT security are also increasing risks to the organization. This report surveyed more than 4000 global IT and security practitioners and discusses the findings that concern risks created by cybercrime, employee negligence and organizational dysfunction and…

Five Key Takeaways from AWS re:Invent 2016

I had the honor of attending the Amazon Web Services (AWS) re:Invent 2016 and wanted to highlight some of my key takeaways from the conference. Since Centrify was a sponsor, I was able to talk with many folks with an interest in learning more about Centrify’s announcement, “Centrify Delivers Innovative Capabilities and Best Practices to Streamline and Secure Adoption of Hybrid Cloud.” 1. AWS is Innovative as a Large Company A good proxy for innovation is the number of features and products a company releases. AWS currently has tens of thousands of employees, and AWS announced 24 new products at the AWS Re-Invent show….

How to Keep Active Directory Active in a Hybrid IT World

For enterprise IT, “hybrid” is the word of the year. You’re either operating a hybrid infrastructure model already or you’re teetering on the edge. It’s getting easier now that AWS, Microsoft, Google et al are improving their services in support of such a model. At the Amazon AWS re:invent show in November, every other sentence contained the word “hybrid.” This was in stark contrast to last year where Amazon still firmly believed a total migration was the only logical choice. Some of our customers are very aggressive with plans to dissolve all their data centers and migrate everything to IaaS. The…

The Great Gig in the Sky: Secure Hybrid Cloud

Every day I hear from companies concerned and frustrated over a specific challenge — how to stand up workloads in the cloud while maintaining privileged access security (PAS). Infrastructure-as-a-Service (IaaS) has become the great equalizer. It doesn’t matter whether you’re large or small, in finance, healthcare or government — we all share the same worries when it comes to securing access to, and in, the cloud. I was pondering this the other day while sipping a short, dry cappuccino and listening to Pink Floyd’s Dark Side of the Moon. I had an epiphany. Thanks to Roger Waters & Co, I walked away with…

Top Three New Year’s Security Resolutions

When it comes to setting New Year’s resolutions, most people shoot for the moon. We tell ourselves we will give up carbs, go running every morning, become a vegan or even give up drinking alcohol. Inevitability, three weeks later, we find ourselves right back where we started. As security professionals, responsible for keeping the bad guys out and reducing the risk of data breaches, we find ourselves right back where we started too — we fundamentally do not really improve our security posture, and then wonder why not. We are very similar to our consumer counterparts, because we set lofty…

Changing the Game: Simplified Authentication to IaaS

I am pleased to introduce the Identity Broker capability of the Centrify Privilege Service. Identity Broker for Linux enables a new paradigm in user authentication to Linux systems, which seamlessly integrates your choice of directory service, including Active Directory, LDAP directories or cloud directories such as Google G Suite Directory. This is a significant advancement in Centrify’s identity consolidation capabilities and delivers freedom of choice when deciding where to store your identities. For 12+ years, Centrify has focused on delivering some of the best possible integration of Linux servers into Active Directory. Our customers are successfully securing identity, authentication and privilege across…

SSO for Cloud-Based Apps a Key to Collaboration Success for Shiseido

At the end of last year, PC Magazine published an article about the five collaboration trends to expect in 2016. The article stated that, “Distributed teams have more ways than ever to communicate and collaborate in real time, and 2016 is set to bring another wave of innovation around cloud-based connectivity, cross-platform integration, and next-generation multimedia conferencing.” They were pretty accurate. Collaboration between employees and contractors — working from anywhere but the office – is more common every day. And, as the article predicted, “cloud-connected everything” (the #2 trend) and “seamless interoperability” (#4) are the name of the game. But building a truly collaborative…

Modernizing Legacy Apps to Boost Security: Part I

The subject of modernizing apps has been around for years, but while talking to a partner organization recently, I was reminded that there are a number of companies with legacy apps that are just now getting around to dealing with them. What Apps Need Modernization? The commercial apps you’re implementing into your environment today should not need to be modernized. If, however, you’ve developed your own apps or you continue to use legacy commercial apps developed several years back, you may have some work to do. Why Modernize an App? Companies most often modernize apps as a method of improving…

How Centrify Can Help AWS Customers Comply with New HIPAA CSP Regulations

New HIPAA regulations are driving heightened security around electronic protected health information (ePHI) and Cloud Service Providers (CSP). These regulations detail the types of security for data in the cloud, as you might expect, but they also focus on securing and controlling the access to cloud systems, infrastructure and data. In the simplest terms, this means healthcare companies and their business associates (BA), need to focus on securing and managing resources IN the cloud, as well as securing and managing access TO the cloud. This can be broken down to mean that healthcare companies need to: Ensure cloud resources are…