IDaaS: Identity as a service, what does it mean?

Seem like we have Everything as a Service now (Software, Platform, Infrastructure…), so what does one of the more recent ones, ‘Identity as a Service’, mean? Well the ‘as a Service’ tail means that something that you used to build, run, support and maintain in-house is now provided as a utility, in the same way you get electricity, water and phone service. Or for new companies it means starting with these as utilities in the first place. Why has this become popular? Because of the predictable cost and quality of service.

Centrify Launches New Alliance Program for ISVs & Developers

Today at the Samsung Developers Conference, we are excited to announce the birth of CAPP! Centrify has taken a leap forward by evolving as a platform vendor and creating a formal program to embrace & engage with more ISVs and developers – the Centrify Aliance Partner Program. I want to take the time here to talk about our motivation to do this and what this means for ISVs and developers alike.

Centrify DirectControl for OS X 10.9 Mavericks

With the announcement of the release of OS X 10.9 Mavericks by Apple today, an updated version of the Centrify Mac agent is also available for those will undoubtedly want to have Apple’s latest and greatest immediately. This DirectControl for Mac OS X 10.9 release is a required update for anyone wanting to run Mavericks on a Centrify-managed system. In addition to bringing support for OS X 10.9, additional key updates for this release include: Bugfixes for issues affecting offline logins Support for remote silent installation via Apple Remote Desktop and other deployment solutions. GUI enhancements for more informative descriptions…

Introducing Centrify for Samsung KNOX

Last week we announced an expansion of our partnership with Samsung and the general availability of our Centrify for Samsung KNOX solution that delivers “Zero Sign-On” to web and rich Mobile applications within Samsung KNOX as well as provides Active Directory-based container and device management. In this blog post I want to provide a bit more color commentary on what is Samsung KNOX and what is the solution that Centrify provides that comes standard with KNOX.

New Chalktalk on Network Access Rights

We just posted a new Video Chalktalk talking about privilege elevation over remote connections with Centrify’s DirectAuthorize for Windows.  Pretty technical, but also pretty amazing. Rich Loose and I (okay, mostly Rich ;->) get into the machinery for authenticating users over remote connections.  This isn’t the case where you use RDP, for example, to do a remote logon.  This is where you might use a console like Services.msc to connect remotely to a server and manage its services over the wire without logging into it. DirectAuthorize has a unique ability to elevate privilege over remote connections like these, which can be incredibly useful…

Centrify Announces Availability of Samsung KNOX Solutions

Today we took a significant step forward in our OEM technology partnership with Samsung,announcing 3 key milestones marking the launch of Samsung KNOX:

1. Centrify for Samsung KNOX is now generally available and provided at no extra cost for use on ANY Samsung KNOX licensed devices.
2. Centrify is now a Samsung KNOX reselller, which means you can buy Samsung KNOX licenses globally from Centrify – starting today.
3. – your one stop resource center for Samsung KNOX is now live!

Centrify Announces Active Directory Integration for Huddle Single Sign-On

Over the summer I had a chance to meet the team at Huddle — and what I saw across the board was a relentless focus on enabling organizations to succeed at establishing an effective way to collaborate — with customers wins like NASA, P&G, KIA Motors, and AKQA, Huddle’s success was irrefutable. After speaking with Huddle co-Founder Andy McLoughlin at their fabulous Huddle SF offices, we quickly realized a great partnership could flourish by combining our SaaS Active Directory Integration with Huddle — the result is Centrify for Huddle Single Sign-On. This solution enables our joint customers like NASA and others…

Why is User Provisioning So Hard? Doesn’t SCIM Fix It?

In a prior post, I discussed how SAML works and mentioned the challenge of user provisioning. The issue is that although a service does not manage the master user identity, it still needs to have some information about the user. Let’s imagine a multi-tenant SaaS service called; it supports SAML for user login (kudos to them for this). But it still needs the user to have an account in that contains the user’s name, email, phone number and department name. The classic way this would be done is that the admin of a customer would log in via…