Centrify Renews Commitment to Federal Information Processing Standards

The new release of Centrify Server Suite (CSS) 2017 contains an updated version of the Centrify Cryptographic Module, which provides the cryptographic services used within the suite. Just as we did with the previous version, this new crypto module has also received FIPS 140-2 validation, and its certificate #2844 has been posted on the NIST validation list. The Federal Information Processing Standard (FIPS) Publication 140-2 is a standard set by the US Government to approve cryptographic modules, and all software used within federal networks that perform encryption are required to be FIPS 140-2 validated. Centrify has hundreds of federal customers…

How to Keep Active Directory Active in a Hybrid IT World

For enterprise IT, “hybrid” is the word of the year. You’re either operating a hybrid infrastructure model already or you’re teetering on the edge. It’s getting easier now that AWS, Microsoft, Google et al are improving their services in support of such a model. At the Amazon AWS re:invent show in November, every other sentence contained the word “hybrid.” This was in stark contrast to last year where Amazon still firmly believed a total migration was the only logical choice. Some of our customers are very aggressive with plans to dissolve all their data centers and migrate everything to IaaS. The…

Solving DHS Continuous Diagnostics and Mitigation (CDM) Phase 2

The Department of Homeland Security (DHS) established a $6B blanket purchase agreement (BPA) to improve the cyber defenses for federal, state, local, tribal and territorial governments. The DHS Continuous Diagnostics and Mitigation (CDM) program helps protect government IT networks from cyberthreats and enhances risk-based decision making by providing a consistent and proven set of solutions. Centrify is the selected solution for CDM Phase 2 CRED that ensures all federal agency associates only have access to servers, applications or network resources based on their unique identity, role and responsibility within their organization. Centrify Server Suite offers a robust Active Directory bridge…

The Great Gig in the Sky: Secure Hybrid Cloud

Every day I hear from companies concerned and frustrated over a specific challenge — how to stand up workloads in the cloud while maintaining privileged access security (PAS). Infrastructure-as-a-Service (IaaS) has become the great equalizer. It doesn’t matter whether you’re large or small, in finance, healthcare or government — we all share the same worries when it comes to securing access to, and in, the cloud. I was pondering this the other day while sipping a short, dry cappuccino and listening to Pink Floyd’s Dark Side of the Moon. I had an epiphany. Thanks to Roger Waters & Co, I walked away with…

How Much Does It Cost to Protect an Organization from Cybercrime?

$15 million per year is the mean annualized cost if you don’t protect yourself, based on 58 benchmarked organizations according to a study by Ponemon Institute in 2015. 2014’s mean cost per benchmarked organization was $12.7 million. Thus, we observe a $2.7 million (19 percent) increase in mean value. The net increase over six years in the cost of cyber crime is 82 percent. Figure one shows an average annualized cost per sector (1 Million omitted) The same study concluded that the cost breakdown for: Internal activities is 31% for detection, 24% for recovery, 15% for investigation, 13% for containment, 9%…

National Cybersecurity Awareness Month: Building Resilience in Critical Infrastructure

Your corporate network is like a pandora’s box with a lot of goodies on the inside… stuff that any self-respecting hacker (um, business person) would be happy to exploit and monetize. So the question is, what options do you have to stop or thwart progress as that attacker tries to gain access, sneak around and slowly but surely gain ground on your crown jewels? On the theme of “resilience” and focusing on privileged access security, what are some of the ways your infrastructure can be more flexible, adaptable and resistant to attacks? Redefining “Attack Surface” I like to think of this…

Snowden: A “Trust but Verify” Story Gone Wrong

Snowden Movie Night Oliver Stone has brought “Snowden” to the big screen. Blimey. I’d finally stopped culling my social networks to the bone, put Mr. Robot hoodies in a box in the garage and stopped checking behind the shower curtain before getting in. Oh well. With hindsight and better insight, let’s reflect on some steps the government could take to mitigate this kind of situation happening again. In this blog, though, for a change, I’m going to start with the human angle instead of diving headlong into the technology. I want to highlight first the “people” in “people, process and…

Centrify Privilege Service Deploys Everywhere: On-premises, Private Cloud or PIM-as-a-Service

I’m very pleased to announce that we’ve added a brand-new deployment option to Centrify Privilege Service, our enterprise-grade privileged identity management (PIM) solution for remote access, shared account password management, multi-factor authentication (MFA) and privileged session monitoring. Privilege Service is now the only product of its type available today that natively supports all three deployment models that enterprise customers need: on-premises, private cloud and public cloud. Privilege Service has been available as PIM-as-a-Service from day one, i.e. the public cloud deployment option. And now, you have the option to install, deploy and manage Privilege Service within your own IT environment….

Multi-Factor Authentication – Going for Olympic Gold

At a very basic level, we are all searching for a gold medal at the end of each day, and what companies want for their employees is a defined method of authentication so that they can master their craft and take home gold. Let’s picture for a moment that your company is the city, Rio, in Brazil, and that you have given all of your partners connections to your network for the Olympics. Not only that, everyone that has flown in will be using your Wifi for the three weeks the games are happening. AHH!!! That thought scares me, since there will be many people on your “front porch.”…

The “Grand Slam” of Identity and Access Management (IAM) Solutions

It’s summer and the sports of tennis and golf are enjoying their “grand slam” and “major” events (e.g. Wimbledon in tennis and the British Open in golf). Which got me thinking ― is there an equivalent set of “majors” for the Identity and Access Management market? The two major independent analyst firms in the IT industry — Gartner and Forrester ― spend a lot of time in the identity space, with Gartner publishing various Magic Quadrants and Forrester with its Waves. Magic Quadrants and Waves both measure a company’s current offerings, its strategy, as well as their market presence in…