Posts by Andy Zindel
Andreas Zindel is a Director of Technical Marketing for Centrify's Identity Service. He has worked in the network security sector for over fifteen years, in System Administrator, Technical Support and Technical Marketing roles. His primary role is to support the field and marketing teams with collateral that explains the technical details of Centrify's products.
Centrify Perspective
4 Steps to Reduce the Risk of Shared Account Passwords
By Andy Zindel, January 10, 2018
Reduce the Risk of a Security Breach When Sharing Privileged Accounts
There are partners, employees, contractors, customers and others who access or try to access your most valuable company assets on a daily basis. But each individual or each group represents a high risk if their privileges are not managed properly. Time and time again we see an employee or a contractor falling victim to a phishing attack and the compromised credentials are then used to move laterally through your environment. This can be especially damaging if the account that has been compromised is a shared account: Shared accounts are…
It's All About Identity
What is Adaptive Multi-factor Authentication (MFA)?
By Andy Zindel, December 7, 2017
In 2016, over $80B was spent on security, yet 66% of companies were still breached and 81% of breaches involved compromised credentials in the form of either stolen or weak passwords. In one of my previous blogs I covered the cost of protecting yourself: according to a study by Ponemon Institute in 2015, the mean annualized cost for 58 benchmarked organizations is $15 million per year. So, now that we understand how expensive it is to get hacked (which many of us probably knew all along), I want to state the obvious: In today’s IT world, relying on simple…
Centrify Perspective
IAM Best Practices to Reduce Your Attack Surface
By Andy Zindel, August 30, 2017
When I read the 2017 Verizon data breach report, I couldn’t help but notice that it would be relatively easy to reduce an attack surface by implementing a few Identity & Access Management (IAM) best practices. Granted, that might mean you will need to spend some money, but considering that a breach could cost you $15 million or more, according to Ponemon, and considering that 81% of breaches involve a weak or stolen password, wouldn’t it make sense to spend your money where it has the most impact? Organizations need to reduce their attack surface! Now before I share tips provided by…
Centrify Perspective
How Can User Behavior Analytics Kill the Password?
By Andy Zindel, May 17, 2017
Last time, I wrote about adaptive authentication and briefly touched on behavior analytics being an integral part of adaptive authentication. For true behavior analytics, you need some smart AI-powered multi-factor authentication (MFA). Now, if you think about it and put the pieces of the puzzle together, you might be able to kill passwords altogether. Wouldn’t that be nice? You no longer need to remember any passwords and all you need is access to one of your MFA tools when authenticating. With the increased use of smartphones and other devices for MFA, businesses now more than ever have the…
Centrify Perspective
What is Adaptive Authentication?
By Andy Zindel, March 20, 2017
Adaptive Authentication: Why Should You Care?
Before going into what adaptive authentication is I want to answer why you should care first. In today’s IT world, relying on a simple username and password authentication is not enough to protect critical business data and systems against the growing number of sophisticated cyber attacks. Just do a quick search online or have a look at one of my previous blogs, “How Much Does It Cost to Protect an Organization from Cybercrime?” to get an idea of how expensive a hack can be and how sophisticated attacks have become. That ever-growing number of…
It's All About Identity
Federated Identity Management vs. SSO
By Andy Zindel, February 23, 2017
Last time I wrote about how much it costs to protect yourself, so I want to follow up with another topic that hits close to home: your wallet. Federated identity management (FIM) and single sign-on (SSO) are not synonymous — FIM gives you SSO, but SSO does not give you FIM. That minor detail is very important to understand, as you make the leap to the cloud and adopt more SaaS applications. While you will have some initial startup cost with FIM by building out an identity service provider (IDP), it is cheaper in the long run than using simple SSO with FIM….
Mobile Frontier
Does Multi-Factor Authentication Have to Be Difficult?
By Andy Zindel, January 30, 2017
Before we go into how Multi-factor authentication (MFA) has changed, let’s have a quick look at what MFA is. With MFA, users must provide two or more “factors” of authentication when they access applications, networks and resources. MFA implementations use a combination of the following factors:
Something you know: such as a username, password, PIN or the answer to a security question.
Something you have: such as a smartphone, one-time pass token or smart card.
Something you are: biometrics like your fingerprint, retina scans or voice recognition.
Now that we understand what MFA is, I’d like to point out that in today’s IT…
Centrify Perspective
How Much Does It Cost to Protect an Organization from Cybercrime?
By Andy Zindel, December 19, 2016
$15 million per year is the mean annualized cost if you don’t protect yourself, based on 58 benchmarked organizations according to a study by Ponemon Institute in 2015. 2014’s mean cost per benchmarked organization was $12.7 million. Thus, we observe a $2.7 million (19 percent) increase in mean value. The net increase over six years in the cost of cyber crime is 82 percent.
Figure one shows an average annualized cost per sector (1 Million omitted).
The same study concluded that the cost breakdown for: Internal activities is 31% for detection, 24% for recovery, 15% for investigation, 13% for containment, 9%…
Centrify Perspective
Password Management: Amateurs Hack Systems, Professionals Hack People
By Andy Zindel, November 17, 2016
To say it in the words of the security guru, Mr. Schneier, “Amateurs hack systems, professionals hack people.” Don’t believe that the typical hacker is the socially awkward 20-something-year-old young man who cannot make eye contact with someone at Starbucks — like Elliot from Mr. Robot. The most successful hackers are truly gifted grifters who can “talk their way out of almost anything” — or better said, “talk their way into anything.” Kevin Mitnick is probably the most notorious hacker of recent years, who has mastered the art of exploiting human vulnerabilities to get into computer systems, including those of American…
From the Cloud
Federating Office 365 — an ADFS Alternative
By Andy Zindel, January 11, 2016
So you have finally taken the plunge and decided to adopt Office 365. But as you embark on the Software-as-a-Service (SaaS) journey you come to realize that, as you adopt more and more SaaS applications, managing all these different logins could turn into a nightmare in the future. Not only would you have to touch each application when a new employee starts, but more importantly when an employee leaves. You start asking yourself questions like how do I manage to turn off access to all these cloud applications and how do I reclaim all the licenses from employees that have…