Want to Transform Your Business with Mobile? Rethink Security

Last week I attended an executive forum hosted by Centrify and our partners, Google and Vox Mobile. We had a great lineup of speakers, including Andrew Toy (Android for Work Product Management Director), Jim Haviland (Chief Strategy Officer of Vox Mobile) and our very own Bill Mann. As the speakers shared their perspectives and insights on where mobility is going and what’s needed to get there, a few things really hit home for me. Mobility ≠ the latest phone or email We’ve only just scratched the surface of how mobility can truly transform business. Yes, email and other productivity apps…

Federal Insecurity

Months after the devastating Office of Personnel Management (OPM) hack came to light — in which 21.5 million personnel records were stolen — the Government Accountability Office (GAO) has issued a report on the extent that US Federal Government is experiencing breaches. The report revealed that the number of security incidents impacting Federal agencies has grown from 5,503 in 2006 to 67,168 in 2014 — a massive 12x increase in 8 years — and that the US government is looking to hire 10,000 cyber professionals in the next year. In this blog post I will go over some of the highlights…

The Cloud: Boldly Go Where No Man Has Gone Before…

I don’t know when it started, probably during my cartoon watching childhood days, but somewhere in days past — I developed a taste for Science Fiction. I suppose Flash Gordon and the Jetsons got me started and from there, I moved on the harder stuff — like Lost in Space, The Twilight Zone, The Time Tunnel, and of course Star Trek. I realize that some of those shows might be unfamiliar to you. Honestly, based on the quality of CGI and the talented professionals behind special effects today, those shows would likely be classified as… well… lame. True enough, the special…

Should Passwords Have a “Best Before” Date?

I recently touched on the GCHQ/CESG password report about passwords — ‘Password Guidance – Simplifying Your Approach’ — a government best practice document aimed at UK organisations and designed to help protect against password breaches. Should changing passwords be mandatory? As a general guidance document, it makes some valuable suggestions and recommendations on password practices. However it was interesting to see the comments around changing passwords. It says that “most administrators will force users to change their password at regular intervals, typically every 30, 60 or 90 days,” but suggests that this “imposes burdens on the user” and “carries no real benefits.” While we…

Handing Over The Keys Without Exposing The Whole Kingdom

Are you nervous about the prospect of handing over superuser account passwords to a 3rd party? Have you already outsourced IT functions and reluctantly handed over the keys? If the answer to either one is “yes” then you’re faced with a potentially risky situation. Of course, you trust your partner. You’ll have performed background checks on individuals, established SLAs and operational best practices that constrain the usage of these privileged accounts. Still, surveys tell us that data breaches by insiders exploiting privileged identities are rampant, so why should we think we’re any safer trusting an external 3rd party where we…

Going Google Just Got Easier With Centrify

  You’ve likely seen all the recent press surrounding  Google’s continued push into the enterprise since its launch of the Google for Work business tools including Apps for Work, Android for Work, Chrome for Work and Google Cloud Platform solutions.  Clearly Google is going “all in” on increasing both presence and market share of Google in the Enterprise, leveraging a partner ecosystem to help them accomplish these goals. Centrify’s continuing momentum and leadership around mobile and cloud identity management recently made us the only IDaaS vendor to have partnered with Google to offer the broadest set of third party identity…

Time to Reset Your Password? Get Out the Dice

In the past week, I have been prompted several times a day to change my network password. And I’ve been putting it off each time I see that annoying pop-up window. Why? Because I’m sick and tired of coming up with a unique password! And who isn’t? But I’m getting close to my 90-day password use limit, and yes, I’ll have to do something about it soon. There has to be a better way to select a good password. One that’s easy to remember but hard to crack. You see, the rules for generating complex passwords are well known. Any programmer worth his or her salt can figure…

Sometimes it’s Easy to Keep an Open Mind

Wednesday was a long day — in the good sense. I spent the day at Dropbox Open, Dropbox’s first user conference, representing Centrify as both a newly announced Premier Partner, and as a sponsor of the event. The day started around 8am, and ended… let’s just say it was a new day when I eventually left the party. I’ve finally recouped, and my mind is buzzing! As a sponsor, we had some insight into what the event was about, but as the first user conference, you never know exactly what to expect. The speaker list looked great, and didn’t disappoint!…

Wouldn’t You Expect Security Features to Just Be in a Security App?

I’ve worked in security companies nearly my whole career, so I understand why building security into our solutions is important. However, for some it can be a challenge, because the details of security can sometimes be complicated and difficult to understand. It’s our job as a security company to make these things easier to understand, but also to make sure security is something that “just works,” and isn’t a reactive function. Let’s talk about an example that should make this more clear. Recently, the team here at Centrify alerted me to a news report that a security researcher, Lookout, had…

Current Cybersecurity Measures Not Enough to Stem the Tide of Breaches

Last year my colleague Chris Webber predicted that “Breach Headlines will Change IT Security Spend.” Unfortunately the breach headlines this year were even more striking than most could predict. 2015 breaches involved high-profile criminal and state sponsored attacks. Millions of personnel records of government employees, tens of millions of records of insurance customers, and hundreds of millions of customer records from various other companies were among the information compromised. This year we even heard of a BILLION dollar bank heist! Many of these companies had implemented advanced malware protection and next-generation firewalls, and delivered regular security training sessions for their…