Posts by Andy Smith
Andy Smith is vice president of product marketing. Smith’s expertise spans twenty plus years and he will drive Centrify’s identity services security products and platform strategy. Prior to his Centrify appointment, Smith was responsible for Oracle’s go-to-market strategy for the company’s global identity and security business unit, where he successfully launched multiple security cloud services to many millions of users that transitioned customers from on-premises license to cloud.
Centrify Perspective
Gartner and Centrify Agree – PAM is #1 Security Project for 2018
By Andy Smith, July 25, 2018
CISOs are overwhelmed with a multitude of projects that are pulling at their time and resources. All of these projects feel important and usually will have some benefit, but nobody has the time or budget to do it all. So which projects will give you the biggest bang for your buck? How do security professionals prioritize these initiatives? At this year’s Gartner Security and Risk Management Summit, Gartner’s Neil MacDonald revealed the analyst firm’s top 10 recommended security projects for 2018. MacDonald stated that CISOs need to, “focus on projects that reduce the most amount of risk and have the…
Centrify Perspective
Real-Life Exposed Privileged Identity Theft
By Andy Smith, March 27, 2018
Have you ever had your identity stolen? Credit cards obtained under your name that were not yours? Most of us have, and what a pain it can be to stop excess charges, get reimbursed, close down those accounts, and repair your damaged credit. It can take years to recover from such an invasion. While we know what it’s like in our personal lives, many of us don’t pay attention to the damage that could be caused in our professional careers, especially with privileged accounts like database access. One reason for this disconnect is because the breaches typically are not financial…
From the Cloud
Break the Trust and Stop the Breach: The Zero Trust Security Model
By Andy Smith, February 19, 2018
As 2018 is upon us, it’s time to take stock of our new realities and commit to better behavior that benefits us and our companies. The discussion of the perimeterless enterprise is not new. In fact, the term “de-perimeterisation” was coined by Jon Measham, a former employee of the UK’s Royal Mail in a research paper, and subsequently used by the Jericho Forum back in 2005. The concept is easily understood. Are your employees using their mobile phones to access business data? Do they use SaaS apps like O365, Salesforce, or ServiceNow? If so, then your organization is a perimeterless enterprise. Access to your enterprise…
From the Cloud
Moving to the Cloud? Six Best Practices for AWS Security
By Andy Smith, November 28, 2017
When moving to an AWS infrastructure, responsibility for security is shared between Amazon and your organization. Amazon’s Shared Responsibility Model clearly shows where both parties’ responsibilities begin and end. AWS secures the lower layers of the infrastructure stack, while the organization is accountable for everything else up to and including the application layer. Six security best practices for organizations moving to AWS Extend your common security model Conventional security and compliance concepts still apply in the cloud. Whether we’re talking about existing apps migrating to the cloud or new ones being built there, they must be secured and good practices…
Secure Thinking by Tom Kemp
