Posts by Tim Hill

Tim Hill, Director of Product Management and Strategy, is an Air Force Veteran with over 25 years of experience as Information Security Leader in Fortune 50 companies from industrial electronics to consumer health insurance. Tim has a depth of expertise regarding large mergers and acquisitions as well as large outsourced IT operations both representing the consultant side as well as the customer of outsourced IT operations. Tim’s experience correcting the flaws of corporate Identity and Access Management implementation and practices, through the use of commercial products and holistic corrections to the business processes best described as the life cycles of IT, Business, and non-human users. Tim brings real-world experience to Centrify, as well as the insights of Identity Leader who has responded to and helped correct multiple industry breaches.

Centrify Perspective

Behind the Numbers: Database Authentication and Authorization

By , August 22, 2018

Earlier this month, I posted a blog about how most companies I speak with have not implemented a modern database authentication and authorization approach. I also recommended 8 steps IT leaders can take to modernize their database management operations. Upon reflection, I think an interesting follow up would be to take a look at some numbers that further illustrate the need to put effective database authentication and authorization practices in place to secure the enterprise. LOOK AT THE NUMBERS Let’s create a fictitious sample company to examine, called Company X. At the DB Survival Blog site, the accepted high-end number…

Centrify Perspective

Implementing Modern Approaches to Database Authentication and Authorization

By , August 8, 2018

The most common question I hear about Database Accounts is, “Can your solution vault Database Service and other Privileged Database Accounts?” Every time I hear this question, a voice in the back of my head wants to ask, “Have you implemented modern approaches to Database Authentication and Authorization Management?” See the real problem is the majority of Databases and the hosted Database Instances still have legacy Database Authentication and Authorization methodologies applied to them, so we are trying to apply a band-aid to the issue by reaching into the databases and vault the DB local accounts. THREE DATABASE APPROACHES Let’s…

Hot Topics

Cybersecurity Awareness Month: Protecting Critical Infrastructure from Cyber Threats

By , October 30, 2017

It is interesting and at times bewildering, that in the many years following the failures of 9/11, we still have not found a way to share threat intelligence information without exposing classified information which may compromise the source. Look at these five primary pieces of infrastructure, which exist in every modern society, consider the interdependencies, and how a persist threat or disruption to one dependency can cascade throughout these infrastructure dominos. Primary Role: Electrical Power Generation/Distribution Dependencies on: Above and below ground electrical distribution wires. Network Access to connect power generation and distribution systems. Backup generation systems for internal systems….