Posts by Barry Scott

Barry Scott is CTO of EMEA. An industry veteran with over 25 years’ experience working in the Windows, Unix and Linux space helping major organisations in almost every industry vertical. The last 9 years of Barry's career have been spent helping organisations manage their Identity Management and Auditing challenges.

Hot Topics

ABC…Easy as 1-2-3 (When it Comes to Passwords Anyway)

By , February 18, 2016

The new year usually brings new intentions and often changes to old habits. But it seems that old habits die hard, especially when it comes to changing our passwords. According to SplashData’s list of the worst passwords of 2015, it’s the same old story. Highlighting the insecure habits of users, once again ‘123456’ and ‘password’ rank as the most commonly used passwords — just as they have since the company’s first list in 2011. It seems incredible that people continue to put themselves and their personal data at risk, especially after a year of increasingly high profile attacks on consumer…

Centrify Perspective

Should Passwords Have a “Best Before” Date?

By , November 16, 2015

I recently touched on the GCHQ/CESG password report about passwords — ‘Password Guidance – Simplifying Your Approach’ — a government best practice document aimed at UK organisations and designed to help protect against password breaches. Should changing passwords be mandatory? As a general guidance document, it makes some valuable suggestions and recommendations on password practices. However it was interesting to see the comments around changing passwords. It says that “most administrators will force users to change their password at regular intervals, typically every 30, 60 or 90 days,” but suggests that this “imposes burdens on the user” and “carries no real benefits.” While we…

Hot Topics

Sharing – is it Just a Generational Thing?

By , September 28, 2015

It’s good to share, but I do wonder if perhaps we share a bit too much nowadays. Passwords to some of our most sensitive information are a good example of this. I was on the train a few weeks ago and a woman of about 20 years of age got on. Four stops later, I knew her doctor’s name and the details of her next appointment, the username and password to one of her accounts that she decided to share with her mother, and credit card information. This could have been a case study on what not to do —…

Centrify Perspective

Rage Against the Machine — Are Passwords Driving Us Mad?

By , August 20, 2015

It’s said that if you listen very carefully you can hear grown men and women in offices across the country weep as, head in hands, they try desperately to remember their passwords. There’s little doubt that we’re becoming increasingly frustrated with the sheer number of passwords we have to remember every day. According to a Centrify survey last year looking at digital identities, over a quarter of respondents said they enter a password online more than 10 times a day, which is potentially 3,500 to 4,000 times a year. It’s no surprise our frustrations are getting the better of us. IT…

It's All About Identity

Privilege vs. Productivity

By , April 16, 2015

Access to sensitive data is a constant worry; we only need to switch on the news to see another story of an attack or data breach. With concern mounting, it’s easy to see why there is high demand for new solutions to combat these threats. With many businesses struggling to keep up with the demands of employees working in different locations, logging on from home, or traveling with mobile devices, there is an increasing need to manage the security of employee accounts. Appropriate assignment of administrative privileges is seen as one of the top security challenges. Restricting and protecting highly…

Centrify Perspective

Shadow IT – Back Into the Light

By , January 26, 2015

“Shadow IT” hints at people doing bad things to deliberately make life difficult for the IT Department, and sounds as if the phrase probably originated in IT. Shadow IT often refers to people in a company using SaaS applications that have not been officially blessed by IT. However, they do so not just to annoy IT, but because they’ve found applications and tools that make their lives easier, allow them to work faster in a way that suits them, and ultimately make the company (and hopefully themselves) more successful. In this blog post I’ll attempt to explain how IDaaS (Identity…

Centrify Perspective

Who is Next? What the Latest High-Profile Security Breaches Should Tell Us About Passwords

By , December 15, 2014

We previously posted a blog looking at the recent spate of high-profile hacks, and posed the question, “Are celebrities any worse at choosing their passwords, or are we all as bad as each other?” The question now seems to be “Who’s next?” The recent iCloud hacks proved that we are all at risk of a security breach, whether we are a celebrity, with a large or small organization, or are simply a consumer using an online service or application. In reality, the question should not be “Who’s next?” Instead, our main considerations should be “How do we learn from this?”,…

Centrify Perspective

Are Celebrities Weaker than the Rest of Us?

By , October 28, 2014

With the recent spate of high-profile hacks, and yet another report of nude celebrity photographs being leaked online, it’s worth posing the question, “Are celebrities any worse at choosing their passwords, or are we all as bad as each other?” As more and more pictures are released online, the question “How has this happened?” is a growing concern. While the exact method used remains unknown, it has been suggested that brute force methods were used alongside more targeted phishing attacks in order to steal personal photographs from celebrity accounts. A “brute force” attack relies on malicious, automated software to repeatedly…

Centrify Perspective

Five Reasons Traditional Enterprise Security is no Longer Good Enough

By , October 1, 2014

Targeted attacks and security breaches continue to steal the headlines on a daily basis, and no person or organization is immune to the threats. Instances in which personal information is compromised have now become commonplace, as security threats have become increasingly complex, sophisticated and targeted. Unfortunately, with today’s mobile culture and BYOD workforce the threat landscape has broadened. And while the nature of attacks and threat vectors are evolving, traditional security is no longer a match for these attacks. IT departments do not have the resources to address each and every threat as it arises. As such, new technologies provide the…