tonygoulding

Posts by Tony Goulding

Tony is a Technical Marketing Director at Centrify. He brings over 30 years of experience in security, software, and customer relationship building to the Centrify team.


Centrify Perspective

Racing Towards a Zero Trust Access Control Model

By , July 17, 2017

Drag racing. From 0 to 60 in less than 2 seconds. It’s all about controlled speed. Success depends on maximizing power, minimizing weight and drag, and no obstacles in the way! In IT when the pressure’s on, admins also want to avoid obstacles. They need to get the job done fast whether it’s an OS refresh, new corporate apps rolling out, or fixing a network outage. For this, they too need power (accounts like “root” or “administrator” with superuser rights). SO, just give your admins full rights all the time. Minimize obstacles, bureaucracy, red tape, friction. Jobs get DONE super…

From the Cloud

How to Keep Active Directory Active in a Hybrid IT World

By , January 25, 2017

For enterprise IT, “hybrid” is the word of the year. You’re either operating a hybrid infrastructure model already or you’re teetering on the edge. It’s getting easier now that AWS, Microsoft, Google et al are improving their services in support of such a model. At the Amazon AWS re:invent show in November, every other sentence contained the word “hybrid.” This was in stark contrast to last year where Amazon still firmly believed a total migration was the only logical choice. Some of our customers are very aggressive with plans to dissolve all their data centers and migrate everything to IaaS. The…

From the Cloud

The Great Gig in the Sky: Secure Hybrid Cloud

By , January 10, 2017

Every day I hear from companies concerned and frustrated over a specific challenge — how to stand up workloads in the cloud while maintaining privileged access security (PAS). Infrastructure-as-a-Service (IaaS) has become the great equalizer. It doesn’t matter whether you’re large or small, in finance, healthcare or government — we all share the same worries when it comes to securing access to, and in, the cloud. I was pondering this the other day while sipping a short, dry cappuccino and listening to Pink Floyd’s Dark Side of the Moon. I had an epiphany. Thanks to Roger Waters & Co, I walked away with…

Centrify Perspective

National Cybersecurity Awareness Month: Building Resilience in Critical Infrastructure

By , October 31, 2016

Your corporate network is like a pandora’s box with a lot of goodies on the inside… stuff that any self-respecting hacker (um, business person) would be happy to exploit and monetize. So the question is, what options do you have to stop or thwart progress as that attacker tries to gain access, sneak around and slowly but surely gain ground on your crown jewels? On the theme of “resilience” and focusing on privileged access security, what are some of the ways your infrastructure can be more flexible, adaptable and resistant to attacks? Redefining “Attack Surface” I like to think of this…

Hot Topics

Snowden: A “Trust but Verify” Story Gone Wrong

By , September 21, 2016

Snowden Movie Night Oliver Stone has brought “Snowden” to the big screen. Blimey. I’d finally stopped culling my social networks to the bone, put Mr. Robot hoodies in a box in the garage and stopped checking behind the shower curtain before getting in. Oh well. With hindsight and better insight, let’s reflect on some steps the government could take to mitigate this kind of situation happening again. In this blog, though, for a change, I’m going to start with the human angle instead of diving headlong into the technology. I want to highlight first the “people” in “people, process and…

From the Cloud

The Cows Have Come Home: Now is the Time to Implement Multi-Factor Authentication

By , June 13, 2016

During our conversations with customers and prospects these days, the question of implementing multi-factor authentication (MFA) usually begins with “when do you plan to?” instead of “are you planning to?” We no longer need to ask: “Are you planning to implement MFA for remote server access and application access?” “Are you planning to implement MFA for password checkout and privilege elevation?” Starting the question with “when” assumes it’s a given. It is. The power and value of MFA is now broadly recognized. More so in the U.S. now that the Payment Card Industry Data Security Standard (PCI-DSS 3.2, April 2016) has…

It's All About Identity

Why Outsourced IT Deserves As Much (Or More) Security Than Internal IT

By , February 8, 2016

  This is a very short blog. Short on text, that is. Long on value. If you’re in IT, especially in IT management, please click on the following link to see the many ways — some unique to Centrify — that our new Server Suite 2016 and Privilege Service 15.12 protect your most sensitive data from being stolen. Rather than toss out a load of features and leave you struggling to figure out how to thread them together in a meaningful way that addresses your specific business needs, we’ve weaved them into a story. Stories are great! It’s fictional, but oh so apt given all the…

From the Cloud

Outsourced IT Part Deux

By , January 12, 2016

Let’s continue our purely fictional story from last time, where we stepped into the shoes of our IT consultant, Tony. You may recall he works for ACME Consulting who provides outsourced IT services to Banzai. In a nutshell, we showed how easy it can be for Banzai to improve security, reduce risk, increase visibility, and provide secure access from anywhere, leveraging Centrify’s Privilege Service and Server Suite. Let’s peek inside Banzai’s IT world for an update from the IT Director, Tom: Well, the results came in and it’s safe to say (no pun intended) that our expectations were fully met with the…

It's All About Identity

Cyberthreats — Demystifying Vendor Jargon

By , December 2, 2015

“I’m getting totally lost” David confided over a spinach Jamba Juice in the break room. “Cyberthreats are the buzz in the press and in the C-level washroom. So guess what, it’s now become my priority and frankly, I’m overwhelmed with it all — the complexity, the risk to the business, all the ‘solutions’ promising to solve it but that seem to be all over the map. Arrgggggg!” Theresa could see the panic in David’s eyes. Definitely bridge jumping material. Need to talk him off the ledge. “OK, David. Think happy thoughts. Think happy IT, nice and safe and secure.” He visibly calmed. “Look, every…

It's All About Identity

Handing Over The Keys Without Exposing The Whole Kingdom

By , November 12, 2015

Are you nervous about the prospect of handing over superuser account passwords to a 3rd party? Have you already outsourced IT functions and reluctantly handed over the keys? If the answer to either one is “yes” then you’re faced with a potentially risky situation. Of course, you trust your partner. You’ll have performed background checks on individuals, established SLAs and operational best practices that constrain the usage of these privileged accounts. Still, surveys tell us that data breaches by insiders exploiting privileged identities are rampant, so why should we think we’re any safer trusting an external 3rd party where we…