National Cybersecurity Awareness Month: Building Resilience in Critical Infrastructure

Your corporate network is like a pandora’s box with a lot of goodies on the inside… stuff that any self-respecting hacker (um, business person) would be happy to exploit and monetize. So the question is, what options do you have to stop or thwart progress as that attacker tries to gain access, sneak around and slowly but surely gain ground on your crown jewels? On the theme of “resilience” and focusing on privileged access security, what are some of the ways your infrastructure can be more flexible, adaptable and resistant to attacks? Redefining “Attack Surface” I like to think of this…

How the Centrify Identity Platform Solves the IT Frankenstein Nightmare

In the novel Frankenstein, by Mary Shelly, Victor Frankenstein embarks on a quest to create life by using dead body parts, “collected bones from carnel-houses.” In the novel, the monster is totally uncontrollable and ultimately dooms his creator Victor. Frankenstein is not only a masterpiece of literature, but also represents a perfect analogy for today’s highly distributed business, and government, IT enterprises. Within the IT organizations of large enterprises, it’s very common to have different groups operating with almost complete autonomy, like small “kingdoms,” and these groups may rarely, if ever, coordinate their activities. Sure it’s true, that in some activities…

Five Steps to Stay Secure in the Mobile Age

Least surprising note of the day: I am a huge geek. See my picture up there? Nerd beard. Enough said. My current geek obsession is focused on mobile devices. I just upgraded my fantastic and near-new Google Nexus 6P to a Google Pixel XL. Why? Because NEW PHONE. And Google AI Assistant. But mostly, NEW PHONE. And if you’re wondering, it is indeed a fantastic device, and of course it’s secured by Centrify. I had the new phone shipped to me here at work, so I could “move in” right away. As I compared the new and old devices, and…

Windows 2FA – It’s a Big “Where” In “Everywhere”

If you’re a regular reader of our blog, you’ll know that here at Centrify, we’re big believers in multi-factor authentication (MFA) and strong supporters of MFA Everywhere. Passwords don’t protect us, our data or our businesses – and we need something better. As an extension of our commitment to eradicate passwords wherever possible, and bolster security with MFA wherever we can, we’ve extended our “MFA Everywhere” initiative with a key new “where” – 2FA for Windows logon. Speed and Security We can hear the cries now: “2FA! Windows Logon! Won’t that slow all my users down?” Not if the second…

5 Critical Topics in Cybersecurity Training

With European Cybersecurity Month in full swing, this week’s topic of discussion is “Cybersecurity Training.” Whilst cybersecurity training and awareness has undoubtedly improved, a common mistake is that it is often treated as a one-time tick-box exercise, rather than an ongoing process. As cyberthreats become part of the reality of daily business, the limitations of traditional security controls have been exposed and businesses need to recognise that cybersecurity is not simply a one-off task on the to-do list. A security breach is now assumed to be inevitable and whilst layering defensive security controls and tools are a step in the…

How Centrify Can Help AWS Customers Comply with New HIPAA CSP Regulations

New HIPAA regulations are driving heightened security around electronic protected health information (ePHI) and Cloud Service Providers (CSP). These regulations detail the types of security for data in the cloud, as you might expect, but they also focus on securing and controlling the access to cloud systems, infrastructure and data. In the simplest terms, this means healthcare companies and their business associates (BA), need to focus on securing and managing resources IN the cloud, as well as securing and managing access TO the cloud. This can be broken down to mean that healthcare companies need to: Ensure cloud resources are…

3 Ways to Prove Identity & Combat Cybercrime: National Cybersecurity Awareness Month

The Secret to Security What if I told you that the secret to security was just one, simple and attainable thing? Fort Knox is the de facto standard of security. It has granite walls that are four feet thick, vaults housing gold constructed with 27 inches of steel and one of the largest surveillance network on earth. Not to mention, it has the U.S. Army guarding the facility.  Yet, there is “one thing” that really helps protect this compound. Area 51 is one of the most highly classified areas in the world. Its protective measures include elaborate fences, an actual army of…

Comparing Cloud Identity and Access Management (IAM) Solutions

The State of the IAM Market With the huge shift to the cloud happening and the corresponding plethora of SaaS apps now invading enterprises, it is not surprising that the need for identity and access management solutions built for the cloud is rising in importance in the minds of IT buyers. This is because each newly deployed cloud-based app can become an island of identity unto itself. This in turn causes the problems of end users drowning in too many passwords (which also increases the odds of one being stolen), the inability for IT to quickly provision and de-provision users…

Podesta Twitter Hack: A(nother) Lesson on Two-Factor Authentication

In the midst of the WikiLeaks’ release of thousands of emails purportedly from his inbox, Hillary Clinton Campaign Chairman John Podesta has now become the victim of a hack into his Twitter account. CNN is reporting that Podesta’s account was hacked on Wednesday, September 12, and that, just as Clinton landed in Las Vegas, Podesta ostensibly tweeted, “I’ve switched teams. Vote Trump 2016. Hi pol.” While the specific details of the hack have yet to be discovered, a likely scenario is that Podesta’s Twitter account was protected solely by a username and password – without any form of two-factor authentication….

How To Prevent Cybercrime: CFO Insights for Mid-Market and SMB Companies

Cybersecurity Risk From the Break Room to the Board Room How can CFO’s enable an organization to effectively combat cybercrime, while reducing IT security budgets? If this sounds too good to be true, let me explain how it can be done. Cyber risk is present at every level in every company from the break room to the board room. In retail, data breaches occur in companies of every size; from Yellowfront, a one-store grocer in Maine to the massive Home Depot and Target breaches. Cyber awareness of social engineering attack modes is a management priority, and all employees have responsibility in preventing…