Secure the Vote with Zero Trust

Our democracy is under attack. We are in an era where digital assets are being weaponized and used against us. The fragile state of our democracy is highlighted by election meddling by foreign interests, database breaches of both political parties, and most recently a high-profile breach of trust. And now, just a week ago, a “60 Minutes” episode titled, ‘When Russian Hackers Targeted the U.S. Election Infrastructure,’ validated that the main target of the 2016 U.S. election was election boards, and that up to 90,000 voter records were compromised. Election boards and officials face the biggest battle yet when it…

Introducing Centrify Identity Services for HashiCorp Vault

Today, Centrify is proud to announce the integration of the Centrify Identity Service with HashiCorp Vault for role-based user authentication and access to the Vault. The Centrify Next-Gen Access Management platform now provides an additional Auth Method called “centrify” for HashiCorp Vault. This Auth Method allows you to authenticate users to HashiCorp Vault, leverage any connected directory source for authentication, and enable role-based authorizations to Vault resources using Centrify Roles. Figure 1: HashiCorp Vault integration with Centrify Identity Services INTEGRATION, AUTHENTICATION, ACCESS There are several benefits to using Centrify for user authentication to HashiCorp Vault: Centrify brokers authentication to any…

Trends to look for next week at RSA Conference 2018

Next week (April 16-19) is the 2018 RSA Conference at the Moscone Center in San Francisco, and there’s good news: it’s not too late to register for a complimentary Exhibit Hall Only Pass using the Centrify entry code X8ECENTR. You’ll get free admission to the Exhibit Hall, Wednesday through Friday keynotes, select sessions throughout the week, and several other events you can learn about here. If you’re on the fence about whether or not to attend, here’s a preview of the topics we expect to generate the most RSA buzz. If any of these interest you, register, and be sure…

Centrify Zero Trust Security Partners in the Spotlight at RSA Booth 501

RSA Conference has moved back to April this year, and next week the largest cybersecurity trade show in the world will once again convene at Moscone Center in San Francisco. Centrify will be front and center this year – literally. Our booth #501 is right in the middle of the entrance to the South Hall. You can’t (and won’t want to) miss it. In case you didn’t catch it the first time, Michele Hayes wrote a great blog about everything going on at our booth next week. I highly suggest reading that once you’re done here. PARTNERS IN THE SPOTLIGHT…

Why the Path Towards Zero Trust Starts with Next-Gen Access

Zero Trust Security has gained a lot of popularity over the last six months. Almost daily you can read articles about this security strategy (e.g., TechRepublic, CSO, Security Current). Both analysts (e.g., Forrester) and security professionals acknowledge the benefits it offers in the context of establishing effective ways to minimize the risk of falling victim to a cyber-attack. The reason why so many embrace Zero Trust Security is most likely anchored around its simplicity ― with today’s porous network perimeter, untrusted actors already exist both inside and outside the network. However, when it comes to developing the necessary blueprint on…

GDPR and Privacy: How to Earn the Trust of Your Customers and Keep Regulators Happy

Customer data is the lifeblood of any organisation and the key to unlocking sales and growth. But the data you hold and how you use it is about to come under intense scrutiny, thanks to new European privacy rules. The EU General Data Protection Regulation (GDPR) is the biggest shake-up to the region’s laws in this area in almost a generation, introducing sweeping new rights for consumers and potentially onerous obligations for organisations. To avoid hefty fines, whilst retaining the trust of your customers and prospects, you’ll need to pay special attention to the new rules and make lasting changes…

Real-Life Exposed Privileged Identity Theft

Have you ever had your identity stolen? Credit cards obtained under your name that were not yours? Most of us have, and what a pain it can be to stop excess charges, get reimbursed, close down those accounts, and repair your damaged credit. It can take years to recover from such an invasion. While we know what it’s like in our personal lives, many of us don’t pay attention to the damage that could be caused in our professional careers, especially with privileged accounts like database access. One reason for this disconnect is because the breaches typically are not financial…

Six Reasons to Experience Zero Trust Security in Centrify Booth 501 at RSA

In case you hadn’t heard, the 2018 RSA Conference will be held April 16-19 at the Moscone Center in San Francisco. If you haven’t been, this is the security event of the season and the best opportunity you’ll find to network with 50,000 other security professionals — exchanging ideas, learning the latest trends and finding solutions that empower you to stay ahead of rapidly-evolving and increasingly-costly cyber threats. Centrify will be there, offering demos and explaining why Zero Trust is the future of cybersecurity, and we’d like you to be our guest. Below are the event details and six reasons…

Making Headlines: SAML

On February 27, 2018 the CERT Division of Carnegie Mellon University’s Software Engineering Institute issued advisory #475445, outlining a design flaw in Security Assertion Markup Language (SAML) implementations, which affects various Single Sign-On (SSO) software and several open source libraries meant to support SAML-based SSO operations. Centrify customers are not susceptible to this vulnerability nor any Service Provider Applications that leverage the Centrify SDK (for more details, click here). The disclosed vulnerability drew a lot of media attention, generating coverage by tech publishers like ZDNet, eWeek, and TechTarget. Some of you might ask why there has been so much hype…

Centrify for NIST 800-171 MFA Compliance

I often speak with Federal System Integrators (FSIs) who need to implement Multi-Factor Authentication (MFA) as part of their NIST 800-171 compliance. Specifically section 3.5.3 of this NIST guide states, “Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.” Many of these FSIs have already implemented smart cards in their environment, at least partially, while others have no form of MFA at all. Either way, the Centrify Identity Platform can provide this MFA compliance, along with many other features required for a secure, Zero Trust environment. (Centrify’s detailed compliance note on…