Password Vaults Alone Are Not Enough to Stop the Breach

A recent Forrester study examined four levels of identity and access management (IAM) maturity and found a direct correlation between the number of privileged identity management (PIM) best practices implemented and the number of security incidents encountered by an organization. Wait, Isn’t Privileged Identity Management == Password Vault? Nope. Centrally controlling shared access to non-human accounts and automating periodic password rotation for shared accounts reduces risk, no doubt. This is a critical component when minimizing your attack surface and will make it harder for hackers to get in to your environment (initial compromise) — it is a best practice. However,…

PWN2OWN 2017 Outcome: Implement Multi-factor Authentication & Least Privilege

Zero Day Initiative, a security research program that offers rewards for successful hacks, reported that on last day of their recent “PWN2OWN 2017” competition, a team of contestants pulled off an unique and challenging feat: they compromised a virtual machine and managed to “escape” to the host system running the virtualization software.  The hack involved three distinct and challenging tasks: Compromising Microsoft’s Edge Browser Compromising the Guest Operating System (running Windows 10) Compromising the VMware Workstation virtualization software And this was all accomplished through a controlled website. Although this may not be the first time each individual layer was compromised, this…

Undue Privilege Costs Cash and Undercuts Security

Few managers would throw their employee the keys to a big rig with two loaded trailers to pick up a pint of milk from a nearby convenience store. Apart from the problem of parking, the vehicle is massively over-specced for the job at hand, which creates unnecessary safety risks, both to the driver and to other road users. However, this is essentially what occurs each day in businesses around the world as employees are given access to privileged computer accounts that massively exceed the needs of their jobs. The result is often devastating in terms of corporate security with many…

Centrify Supports Data Privacy Day: Take Action Today to Protect Your Privacy!

Centrify is proud to be a Data Privacy Day Champion because we work tirelessly each day to protect our customers and their data privacy.  We believe that all of us, whether at work or as consumers, should be aware of data privacy issues (who has my data? what can they do with it? what are they doing to protect it?) and take steps to protect personal data and business’s data. So, when we found out we could help champion Data Privacy Day we jumped at the chance. In recognition of Data Privacy Day, Centrify brings various supporting messages about how to keep…

Centrify Co-Chairs the 2017 ICIT Winter Summit

Once again, we find ourselves at that stage in the political cycle when the new administration is taking office. That means a revised look at everything — from the economy, to the markets, to the health of our industries. And an evaluation of how effectively we’re protecting all of the above. It is no surprise that cybersecurity is top of mind due to several recent high-profile breaches, many of which were mentioned in our end-of-the-year wrap-up. Perhaps no cybersecurity events were as disturbing as those surrounding the 2016 election. It turns out that many of these attacks would have been…

Why Organizations Need Adaptive Multi-factor Authentication (MFA)

We hear about high profile security breaches frequently. Most of these breaches exploit the system login credentials of end users to get into the company’s network. Leading organizations are recognizing this and are beginning to focus on better securing end user identities. Multi-factor authentication (MFA) is becoming a very popular method for doing this as MFA requires a user to provide more than just a password to access the network. These additional factors of authentication require the user to provide something that only the user knows, has and is. As a best practice, when implementing MFA, it should be setup across…

Good Cyber Hygiene: Everyone is a Privileged User

Yesterday, ICIT published the first in a series of research reports as part of an identity management and cyber hygiene initiative, entitled, “ICIT Analysis: Identity and Access Management Solutions: Automating Cybersecurity While Embedding Pervasive and Ubiquitous Cyber-Hygiene-by-Design.“ Wow, what a title. But worthy of the topic. ICIT Sr. Fellow James Scott and Researcher Drew Spaniel did a thorough job identifying the various pitfalls of cybersecurity and ensuring everyone in the organization cares about cyber hygiene and is on top of their game. They offered several good ideas to meet the needs of today’s environment,  such as use a digital representation…

EU GDPR, Mandatory Data Breach Notification and How Centrify Helps

Breach notification rules in the upcoming EU GDPR (General Data Protection Regulation) will mean data breaches are far more likely to become public, where today it is possible (although probably ill-advised) to try and sweep them under the carpet. The 2016 Verizon Data Breach Investigations Report stated “63% of confirmed data breaches involved weak, default or stolen passwords.” Centrify protects against the leading point of attack used in data breaches – compromised credentials – and can therefore reduce the risk of breaches taking place. EU GDPR Background The EU GDPR will apply from 25th May 2018, and although that seems like a long time from now, companies may find they…

Cybersecurity in 2016; predictions for 2017

It’s that time of year again. The holiday season is upon us and with it, online shopping will no doubt take another bite out of traditional brick-and-mortar holiday sales. With a colorful new president taking office shortly thereafter, 2017 promises to be an interesting year. But before we get to predictions, let’s take a look at the year that was. 2016: The year in review After a series of high-profile breaches in 2015 that involved criminal and state-sponsored attacks against the personal data of hundreds of millions of people, our prediction last year was that 2016 would bring the increased…

National Cybersecurity Awareness Month: Building Resilience in Critical Infrastructure

Your corporate network is like a pandora’s box with a lot of goodies on the inside… stuff that any self-respecting hacker (um, business person) would be happy to exploit and monetize. So the question is, what options do you have to stop or thwart progress as that attacker tries to gain access, sneak around and slowly but surely gain ground on your crown jewels? On the theme of “resilience” and focusing on privileged access security, what are some of the ways your infrastructure can be more flexible, adaptable and resistant to attacks? Redefining “Attack Surface” I like to think of this…