GDPR and Privacy: How to Earn the Trust of Your Customers and Keep Regulators Happy

Customer data is the lifeblood of any organisation and the key to unlocking sales and growth. But the data you hold and how you use it is about to come under intense scrutiny, thanks to new European privacy rules. The EU General Data Protection Regulation (GDPR) is the biggest shake-up to the region’s laws in this area in almost a generation, introducing sweeping new rights for consumers and potentially onerous obligations for organisations. To avoid hefty fines, whilst retaining the trust of your customers and prospects, you’ll need to pay special attention to the new rules and make lasting changes…

Real-Life Exposed Privileged Identity Theft

Have you ever had your identity stolen? Credit cards obtained under your name that were not yours? Most of us have, and what a pain it can be to stop excess charges, get reimbursed, close down those accounts, and repair your damaged credit. It can take years to recover from such an invasion. While we know what it’s like in our personal lives, many of us don’t pay attention to the damage that could be caused in our professional careers, especially with privileged accounts like database access. One reason for this disconnect is because the breaches typically are not financial…

Six Reasons to Experience Zero Trust Security in Centrify Booth 501 at RSA

In case you hadn’t heard, the 2018 RSA Conference will be held April 16-19 at the Moscone Center in San Francisco. If you haven’t been, this is the security event of the season and the best opportunity you’ll find to network with 50,000 other security professionals — exchanging ideas, learning the latest trends and finding solutions that empower you to stay ahead of rapidly-evolving and increasingly-costly cyber threats. Centrify will be there, offering demos and explaining why Zero Trust is the future of cybersecurity, and we’d like you to be our guest. Below are the event details and six reasons…

Making Headlines: SAML

On February 27, 2018 the CERT Division of Carnegie Mellon University’s Software Engineering Institute issued advisory #475445, outlining a design flaw in Security Assertion Markup Language (SAML) implementations, which affects various Single Sign-On (SSO) software and several open source libraries meant to support SAML-based SSO operations. Centrify customers are not susceptible to this vulnerability nor any Service Provider Applications that leverage the Centrify SDK (for more details, click here). The disclosed vulnerability drew a lot of media attention, generating coverage by tech publishers like ZDNet, eWeek, and TechTarget. Some of you might ask why there has been so much hype…

Centrify for NIST 800-171 MFA Compliance

I often speak with Federal System Integrators (FSIs) who need to implement Multi-Factor Authentication (MFA) as part of their NIST 800-171 compliance. Specifically section 3.5.3 of this NIST guide states, “Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.” Many of these FSIs have already implemented smart cards in their environment, at least partially, while others have no form of MFA at all. Either way, the Centrify Identity Platform can provide this MFA compliance, along with many other features required for a secure, Zero Trust environment. (Centrify’s detailed compliance note on…

SEC Clarification: Companies Must Disclose Breaches

In late February, the U.S. Security and Exchange Commission (SEC) issued new cybersecurity guidance in the form of an “interpretive release.” According to the SEC website, the Commission frequently provides guidance on federal securities laws and SEC regulations for business and investment communities. The release covered three main topics: Disclosure of cybersecurity risks and incidents Companies have been largely remiss in alerting the public to breaches that may directly impact them. Equifax took five months to reveal that the data of 145 million people had been compromised. Yahoo took years to disclose that every one of its user accounts had…

Frost & Sullivan Recognizes Centrify for IDaaS and PIM Leadership

Today Frost & Sullivan, a leading analyst firm and growth partnership company, announced that Centrify has earned the North American Product Leadership Award for its Next-Gen Access Solution for Zero Trust Security. The report specifically noted Centrify’s success as a security company comes by challenging traditional approaches to security and using a unique philosophy to address the problem. Centrify helps its customers identify and follow a set of best practices that are grounded in Zero Trust Security—through verifying all users, validating their devices, and limiting access and privilege—to reduce risks related to breaches. The author of the report, Sankara Narayanan,…

With Less Than 100 Days to Go, How to Get C-Level Buy-in for GDPR Compliance

For GDPR compliance initiatives to work effectively, there has to be buy-in from the boardroom. That doesn’t just mean releasing the necessary funds to bolster efforts ahead of 25 May, but understanding the need for long-term cultural and process changes to the organisation in the years to follow. However, with less than 100 days to go until the compliance deadline, only a quarter (26 per cent) of European firms are fully compliant, according to Forrester. So how can you drive greater awareness at senior levels of your organisation? The good news is that new Centrify research suggests that the C-level…