Centrify Perspective

Centrify Perspective

As a leader in unified identity management, Centrify offers helpful information for organizations to enable greater user productivity, improved IT efficiency, better regulatory compliance and lower TCO of their identity infrastructure.


By , October 17, 2017

Without a doubt, the most frustrating fact I face every day is this: Companies spend a meager 4.7% of their total security budgets on identity and access management (IAM) – while compromised identities are responsible for 80 percent of all data breaches. Eighty percent. This glaring disconnect is almost more than I can wrap my head around. Here’s the math: According to Gartner’s “Forecast: Information Security, Worldwide, 2015-2021, 2Q17 Update,” in 2015, companies spent nearly $84 billion on security. Approximately 4.7 percent of that ($4 billion) went towards identity and access management. This year, the total security spend is projected to…

By , October 12, 2017

Whether you’re a small business, a large business, an academic institution, a non-profit or a government agency, it is now absolutely critical that you weave a fabric of security throughout your organization. You’ve heard it a thousand times, but it can’t be overstated: Culture is created at the top and trickles down into the organization. Today’s executive leadership must do more than issue edicts and implement tools. They must truly embrace security. Leaders must deeply understand and regularly communicate its importance to the health of the organization. Executives from all departments in all industries should make it a goal to…

By , September 13, 2017

(Hint: You Won’t Believe the Answer) My last article “Do You Know How Easy It Is to Guess Your Password? (Hint: You Don’t Want to Read This!)”, was about how hackers can obtain massive databases of human generated passwords and run them through off-the-shelf tools on commodity hardware by using Graphics Card GPUs to gain speed and computing cost advantage. This article will delve into how easy it will be for your grandma to rig up a password cracking machine. First step for Grandma is to visit Amazon and pickup some hardware. Perhaps a nice BitCoin mining rig that can compute…

By , September 7, 2017

These days, it’s pretty clear that to protect systems and data, organizations need to go beyond traditional perimeter defenses. Because most modern cyber-criminals exploit user credentials to get a foot in the door, user identities have become the new perimeter. And leading organizations are turning to MFA to secure their complex, heterogeneous environments. MFA mitigates password risk by requiring additional factors of authentication: something the user knows, has and is. It’s not difficult to implement, but some up-front planning can further enhance security and save a lot of time and effort. MFA is one of the best ways to prevent…

By , August 30, 2017

When I read the 2017 Verizon data breach report, I couldn’t help but notice that it would be relatively easy to reduce an attack surface by implementing a few best practices. Granted, that might mean you will need to spend some money, but considering that a breach could cost you $15 Million or more, according to Ponemon, and considering that 81% of breaches involve a weak or stolen password, wouldn’t it make sense spending your money where it has the most impact? Organizations need to reduce their attack surface! Now before I share tips provided by Verizon and Centrify on how you…

By , August 21, 2017

In the last 12 months, Centrify is the only company to be acknowledged for it’s  vision and leadership in the Gartner Magic Quadrant for Identity and Access Management-as-a-Service,  The Forrester Wave: Privileged Identity Management, and in the Gartner Critical Capabilities for IDaaS Research for Workforce to SaaS, 2016. These acknowledgements demonstrate our growing influence in the industry with a unique point of view for customers who recognize the increased value in securing access for all enterprise identities in one, built from the ground up platform vs. the point solutions offered by others in the industry. Our mantra has been and…

By , August 17, 2017

A recent FCW article authored by Derek Handova provides expert opinions from experienced and well respected “identity” professionals: Paul Grassi, Sr. Standards & Technology Adviser at NIST, Jeremy Grant former Sr. Executive Advisor for Identity Management at NIST and now Venable’s managing director for technology business strategy.  Mr. Terry Halvorsen, former CIO for the Department of Defense and Army Col. Tom Clancy, Identity and Asset Management lead for the Department of Defense CIO’s office also provide their thoughts and ideas regarding multi-factor authentication. Their comments, along with other industry experts interviewed by Handova, were thoughtful and worth keeping in mind…

By , August 8, 2017

Last week, I discussed the first three reactions I had to the “Cisco 2017 Midyear Cybersecurity Report.” I discussed how vendor consolidation is increasing, how spyware is being branded as malware and how detection of threats is continuously improving. DevOps as a Target In the Vulnerabilities section of the document, Rapid7 describes how DevOps is a target and vulnerability for many companies that may use things like AWS, Azure, or Docker frameworks for development. When these resources are built, they are not always deployed in a secure state and often are left behind to run indefinitely. Identity management tools that…

By , August 3, 2017

When reading this year’s “Cisco Midyear Cyber Security Report,” a few things jump out that bear discussion. Vendor Consolidation First, one of the key findings is related to the “fragmented security toolbox,” and from it, having so many point solutions solving for security gaps actually creates problems. If they are layered effectively, integrated fully and managed appropriately, point solutions are a winning approach. But when you look at the number of separate solutions that need individual attention to stay effective, the administrative burden deters from incident response plan. This leads to the report’s conclusion that consolidation of vendors limits this effect….

By , August 1, 2017

As with most aspects of the EU, unhindered cross-border data flows are something most U.K. firms just take for granted these days. Thanks to the cloud, huge volumes of corporate data is stored in third party providers’ data centres, frequently not even in the UK. Aside perhaps from those in highly regulated sectors, corporate users don’t think twice about accessing that data, and sending it to and from partners and customers on the continent. However, the U.K.’s departure from the world’s biggest trading bloc raises new questions about the legality of such transfers. In a new report, the House of…