Posts by David McNeely

David McNeely is VP of Product Strategy at Centrify Corporation.

Centrify Perspective

Introducing Centrify Identity Services for HashiCorp Vault

By , April 17, 2018

Today, Centrify is proud to announce the integration of the Centrify Identity Service with HashiCorp Vault for role-based user authentication and access to the Vault. The Centrify Next-Gen Access Management platform now provides an additional Auth Method called “centrify” for HashiCorp Vault. This Auth Method allows you to authenticate users to HashiCorp Vault, leverage any connected directory source for authentication, and enable role-based authorizations to Vault resources using Centrify Roles. Figure 1: HashiCorp Vault integration with Centrify Identity Services INTEGRATION, AUTHENTICATION, ACCESS There are several benefits to using Centrify for user authentication to HashiCorp Vault: Centrify brokers authentication to any…

From the Cloud

Centrify Identity Services: Securing Docker and Containers

By , January 15, 2018

Introduction We are excited to announce that Centrify now supports CoreOS Container Optimized Linux which several of our customers are using as part of their adoption of containerization for their application deployments. But first, let’s start with an overview of how Centrify can help you protect access to these containerized platforms and the applications that run on them. As organizations embrace hybrid cloud environments moving their applications and other workloads to public clouds such as AWS, Azure and Google, application developers building custom apps inevitably rework their applications to take advantage of the hosting platform capabilities such as auto-scaling enabling…

It's All About Identity

Changing the Game: Simplified Authentication to IaaS

By , December 1, 2016

I am pleased to introduce the Identity Broker capability of the Centrify Privilege Service. Identity Broker for Linux enables a new paradigm in user authentication to Linux systems, which seamlessly integrates your choice of directory service, including Active Directory, LDAP directories or cloud directories such as Google G Suite Directory. This is a significant advancement in Centrify’s identity consolidation capabilities and delivers freedom of choice when deciding where to store your identities. For 12+ years, Centrify has focused on delivering some of the best possible integration of Linux servers into Active Directory. Our customers are successfully securing identity, authentication and privilege across…

Centrify Perspective

Top 3 Takeaways from Black Hat 2016

By , August 16, 2016

While I’ve been working in identity and access management (IAM) space since the early 1990s, this was the first year that I attended Black Hat, and it is the first year that Centrify has sponsored the event with a booth.  In preparation for it, we heard from many who had attended in the past about potential cyberattacks at the event. As a result, we made sure that everyone attending was prepared and knew what to expect based on previous reports from Black Hat events that we found including: Not Your Average Top 5 Things To Know Before Blackhat Rule 31 Black Hat…

From the Cloud

Smart Card Login to Cloud-Based Apps and Privileged Identity Management Services

By , December 18, 2015

I am excited to announce that Centrify has added Smart Card login as a core feature of our Cloud Identity Platform supporting both the Centrify Identity Service as well as the Centrify Privilege Service. Smart Cards in physical form (CAC/PIV), derived credentials, virtual smart cards as well as USB PKI Keys (such as Yubikey or SafeNet eToken Pro) can now be used to login to your agency’s personalized Centrify cloud portal for access to SaaS applications as well as privileged user access to authorized servers and networking devices. There are several reasons that our customers are asking for this capability as they…

It's All About Identity

Secure Windows Administration and Eliminate Dual Active Directory Accounts for Administrators

By , March 17, 2015

I’ve seen many environments lately where the Windows administrators have two Active Directory accounts, one that they use for their normal end user activities, such as reading email, and the other they use for any administrative duty. This creates several very real problems: a) the admin now has two different accounts with a password that he must now maintain over time, probably not a huge problem but just a pain for the admin; b) you still have to trust the admin where he will use the second admin account and hope that he doesn’t use it for normal daily activity…

It's All About Identity

Secure Identity for Hadoop @ Strata+Hadoop World 2015

By , February 24, 2015

The most interesting thing to me about Strata+Hadoop World was the stories about what everyone is doing with Hadoop or Big Data. We heard numerous stories about how data scientists are using Hadoop to analyze customer data, financial data, web site click traffic, etc. In fact, most of the people who came to the show were realizing the value of Hadoop technology, while very few were responsible for the IT infrastructure that it runs on (who we normally sell security solutions to). And the most common title at the show was Data Scientist, which got me thinking that we should have a Security…

Centrify Perspective

Mitigating Vulnerabilities Related to Unmanaged SSH Keys with Kerberos

By , October 15, 2014

SSH has become the defacto method to access UNIX and Linux computers over the network for several different use cases – from shell access or file transfers, to batch jobs that need to communicate with other computer or apps, to name a few. As with any remote access solution to a system that contains corporate data, centralized authentication and access controls are critical to ensure that only the right users can access that resource in line with the business needs. However the challenge is that SSH Server that is typically configured for remote access on nearly all UNIX and Linux systems…

Mobile Frontier

Centrify for Mac 2014.1 Integrates Cloud-based Management and Expands Smart Card Services

By , September 23, 2014

We are happy to introduce Centrify for Mac 2014.1, which builds upon our best-in-class Active Directory integration to provide users with Single Sign-on (SSO) to our catalog of more than 3000 web and SaaS Apps through integration with the Centrify Cloud Service. The integration with the Centrify Cloud Service also provides IT admins with remote management of Macs as well as the user’s mobile devices. This release also provides expanded support for Smart Cards with integrations into other popular applications such as Firefox, Thunderbird and the DoD Encryption Wizard. We built Centrify for Mac to empower Corporate IT to manage Macs…