Centrify Perspective

As a leader in unified identity management, Centrify offers helpful information for organizations to enable greater user productivity, improved IT efficiency, better regulatory compliance and lower TCO of their identity infrastructure.


By , May 31, 2017

The number of account credentials stolen in the last 10 years has exploded to an unprecedented degree. It is now a fait accompli that many of the security tools out there can’t help you, as 81% of data breaches come from compromised credentials. Let’s delve into how easy it is to break into almost any account. Hackers have invented the digital equivalent of a master key. If you look at sites like SecLists, Weakpass, and Hashes.org — not to mention berzerk0’s probable wordlists on GitHub, which is a clever amalgam of password wordlists. Here you will find…

By , May 23, 2017

The Continuous Diagnostics and Mitigation (CDM) Task Order for CREDMGMT provides guidance and tools to federal civilian agencies to fulfill the Manage Credentials and Authentication (CRED) Function. This functional area is designed to prevent the binding of credentials to, or the use of credentials by, anyone other than the rightful owner (person or service). The approved tools provide careful management of credentials, preventing attackers from using hijacked credentials to gain unauthorized control of resources, especially administrative rights. The CRED capability ensures that account credentials are assigned to, and used by, authorized people or services. This solution relies on the results of the…

By , May 22, 2017

The volume and frequency of data breaches seem to have hit a new high in recent months. But away from the sensational headlines, do we really know what the impact of such incidents can be on the victim organisation’s reputation and bottom line? Centrify recently commissioned the Ponemon Institute to shine a light on exactly this area — interviewing CMOs, IT practitioners and customers — and uncovered some fascinating findings. Not only do UK firms on average see a lasting share price slump of 5% following a breach, but many IT and marketing professionals are profoundly divided — from each other…

By , May 17, 2017

Last time, I wrote about adaptive authentication and briefly touched on behavior analytics being an integral part of adaptive authentication. For true behavior analytics, you need some smart AI-powered multi-factor authentication (MFA). Now, if you think about it and put the pieces of the puzzle together, you might be able to kill passwords altogether. Wouldn’t that be nice? You no longer need to remember any passwords, and all you need is access to one of your MFA tools when authenticating. With the increased use of smartphones and other devices for MFA, businesses now more than ever have the…

By , April 26, 2017

A recent Forrester study examined four levels of identity and access management (IAM) maturity and found a direct correlation between the number of privileged identity management (PIM) best practices implemented and the number of security incidents encountered by an organization.

Wait, Isn’t Privileged Identity Management == Password Vault?

Nope. Centrally controlling shared access to non-human accounts and automating periodic password rotation for shared accounts reduces risk, no doubt. This is a critical component when minimizing your attack surface and will make it harder for hackers to get into your environment (initial compromise) — it is a best practice. However,…

By , April 20, 2017

Recently, Illinois Governor Bruce Rauner unveiled a broad-based cyber security plan. He announced the framework of his team’s plan for better cyber security, but it only covers the executive branch agencies. This approach of only implementing a plan to provide cyber security tools to select areas and users because they are deemed more important is known as a “privileged user.” This is only a partial solution because everyone in the organization is a “super user” in today’s technology-driven organizations — everyone has a need to access technology that contains some level of meaningful information. All technology in organizations are…

By , April 19, 2017

When our baby first started crawling, we installed gates in all the doorways. This kept her in safe, baby-proofed areas. We didn’t have to worry about her accidentally wandering into a room and getting into something that could harm her. It also allowed us to keep some things “nice” that a toddler would normally want to “play” with.

Controlling Access for Security Best Practices

But what does this have to do with role-based access control (RBAC)? Well, everything. As she grows and gains more skills, we adjust her access to the house. It might be low tech, but it…

By , April 5, 2017

A few weeks ago, the Wall Street Journal ran a story about a laundromat in Carbondale, Colorado that was infected with the Mirai internet virus. Unbeknownst to the business owner, an internet-connected video recorder had been infected and was scanning the web for places to spread itself. The only sign that something was amiss was the fact that the device was regularly acting up — disconnecting the remote viewing app and forcing the owner to reconnect it by restarting the digital video recorder. While the story didn’t reveal any new developments, it does serve as an important reminder that malware…

By , March 29, 2017

Few managers would throw their employee the keys to a big rig with two loaded trailers to pick up a pint of milk from a nearby convenience store. Apart from the problem of parking, the vehicle is massively over-specced for the job at hand, which creates unnecessary safety risks, both to the driver and to other road users. However, this is essentially what occurs each day in businesses around the world as employees are given access to privileged computer accounts that massively exceed the needs of their jobs. The result is often devastating in terms of corporate security with many…