Posts by Andy Zindel

Andreas Zindel is a Director of Technical Marketing for Centrify's Identity Service. He's been working in the network security sector for over fifteen years, as System Administrator, Technical Support and Technical Marketing. His primary role is to support the field and marketing team with collateral to elucidate the technical details of Centrify’s products.

It's All About Identity

What is Adaptive Multi-factor Authentication (MFA)?

December 7, 2017

In 2016, over $80B was spent on security, yet 66% of companies were still breached and 81% of breaches involved compromised credentials in the form of either stolen or weak passwords. In one of my previous blogs I covered the cost of protecting yourself: according to a study by Ponemon Institute in 2015, the mean annualized cost for 58 benchmarked organizations is $15 million per year. So, now that we understand how expensive it is to get hacked (which many of us probably knew all along), I want to state the obvious: In today’s IT world, relying on simple…

Centrify Perspective

IAM Best Practices to Reduce Your Attack Surface

August 30, 2017

When I read the 2017 Verizon data breach report, I couldn’t help but notice that it would be relatively easy to reduce an attack surface by implementing a few Identity & Access Management (IAM) best practices. Granted, that might mean you will need to spend some money, but considering that a breach could cost you $15 Million or more, according to Ponemon, and considering that 81% of breaches involve a weak or stolen password, wouldn’t it make sense to spend your money where it has the most impact? Organizations need to reduce their attack surface! Now before I share tips provided by…

Centrify Perspective

How Can User Behavior Analytics Kill the Password?

May 17, 2017

Last time, I wrote about adaptive authentication and briefly touched on behavior analytics being an integral part of adaptive authentication. For true behavior analytics, you need some smart AI-powered multi-factor authentication (MFA). Now, if you think about it and put the pieces of the puzzle together, you might be able to kill passwords altogether. Wouldn’t that be nice? You no longer need to remember any passwords and all you need is access to one of your MFA tools when authenticating. With the increased use of smart phones and other devices for MFA, businesses now more than ever have the…

Centrify Perspective

What is Adaptive Authentication?

March 20, 2017

Adaptive Authentication: Why Should You Care?

Before going into what adaptive authentication is, I want to answer why you should care first. In today’s IT world, relying on a simple username and password authentication is not enough to protect critical business data and systems against the growing number of sophisticated cyber attacks. Just do a quick search online or have a look at one of my previous blogs, “How Much Does It Cost to Protect an Organization from Cybercrime?” to get an idea of how expensive a hack can be and how sophisticated attacks have become. That ever-growing number of…

It's All About Identity

Federated Identity Management vs. SSO

February 23, 2017

Last time I wrote about how much it costs to protect yourself, so I want to follow up with another topic that hits close to home: your wallet. Federated identity management (FIM) and single sign-on (SSO) are not synonymous — FIM gives you SSO, but SSO does not give you FIM. That minor detail is very important to understand, as you make the leap to the cloud and adopt more SaaS applications. While you will have some initial startup cost with FIM by building out an identity service provider (IDP), it is cheaper in the long run than using simple SSO with FIM….

Mobile Frontier

Does Multi-Factor Authentication Have to Be Difficult?

January 30, 2017

Before we go into how Multi-factor authentication (MFA) has changed, let’s have a quick look at what MFA is. With MFA, users must provide two or more “factors” of authentication when they access applications, networks and resources. MFA implementations use a combination of the following factors:

Something you know: such as a username, password, PIN or the answer to a security question.

Something you have: such as a smartphone, one-time pass token or smart card.

Something you are: biometrics like your fingerprint, retina scans or voice recognition.

Now that we understand what MFA is, I’d like to point out that in today’s IT…

Centrify Perspective

How Much Does It Cost to Protect an Organization from Cybercrime?

December 19, 2016

$15 million per year is the mean annualized cost if you don’t protect yourself, based on 58 benchmarked organizations according to a study by Ponemon Institute in 2015. 2014’s mean cost per benchmarked organization was $12.7 million. Thus, we observe a $2.7 million (19 percent) increase in mean value. The net increase over six years in the cost of cyber crime is 82 percent. Figure one shows an average annualized cost per sector (1 Million omitted). The same study concluded that the cost breakdown for: Internal activities is 31% for detection, 24% for recovery, 15% for investigation, 13% for containment, 9%…

Centrify Perspective

Password Management: Amateurs Hack Systems, Professionals Hack People

November 17, 2016

To say it in the words of the security guru, Mr. Schneier, “Amateurs hack systems, professionals hack people.” Don’t believe that the typical hacker is the socially awkward 20-something-year-old young man who cannot make eye contact with someone at Starbucks — like Elliot from Mr. Robot. The most successful hackers are truly gifted grifters who can “talk their way out of almost anything” — or better said, “talk their way into anything.” Kevin Mitnick is probably the most notorious hacker of recent years, who has mastered the art of exploiting human vulnerabilities to get into computer systems, including those of American…

From the Cloud

Federating Office 365 — an ADFS Alternative

January 11, 2016

So you have finally taken the plunge and decided to adopt Office 365. But as you embark on the Software-as-a-Service (SaaS) journey you come to realize that, as you adopt more and more SaaS applications, managing all these different logins could turn into a nightmare in the future. Not only would you have to touch each application when a new employee starts, but more importantly when an employee leaves. You start asking yourself questions like how do I manage to turn off access to all these cloud applications and how do I reclaim all the licenses from employees that have…