I am excited to announce Centrify’s new partnership with Elastica, an emerging cloud access security broker (CASB) vendor that provides granular user visibility & analytics along with security controls for cloud-based services. I’d like to provide some more color on the market opportunity & challenges that led us to this partnership and why customers will benefit from a joint Centrify & Elastica solution.
We all know that the usage of SaaS applications is now widespread among organizations and made even more so by their prolific consumption from mobile devices. This trend however has reduced IT’s visibility and control of enterprise data, especially when accessed from unmanaged devices. As SaaS apps serve increasingly mission critical roles, and the BYOA trend spurs adoption of “shadow SaaS apps” by users, it can present one of the biggest security risks in an organization with the following challenges:
This is leading to CIOs and IT organizations asking the hard questions:
- “How can I control access to each SaaS app based on an user’s role or device or location?“
- “What are my users then doing inside each SaaS app?”
- “Where and when are my users performing these actions?”
- “Are the users’ actions inside the apps permissible based on their Active Directory groups?”
- “Is any of the user behavior anomalous or within daily expected profiles?
- “What data is being shared or uploaded by which users – and to whom?”
- “What type of edits are they performing on document sharing apps?”
To answer these questions requires technology that can identify the user, trust their device, tie users & actions against their enterprise directory, understand SaaS apps deeply and has powerful data science & analytics for SaaS user behavior.
Elastica and Centrify’s technologies have come together to provide multiple security services for SaaS apps – like identity & federation, user provisioning, device profiling & policy conformance, audit & logging, end-user portals, DLP and malware protection.
Centrify for SaaS is the industry’s first Identity-as-a-Service (IDaaS) solution to provide both robust Active Directory and cloud directory based SaaS Single Sign-on, access management and mobile device/app management. End users not only love the 1-click access to apps but also the self-service features from their portals. IT loves the easy-to-deploy, cloud-based service that delivers enterprise identity based access control to SaaS applications, with unique integrated mobile security.
Elastica’s CloudSOC intelligently addresses security issues for organizations who’ve deployed cloud services applications — from providing visibility to identifying threats (and their ramifications) to enabling more refined controls around cloud applications. Simply put, the Elastica service interjects visibility & security controls between users and the cloud-based services they consume.
Together, I see a symbiotic relationship between Centrify’s identity services and Elastica’s data science solutions that meet the cloud security challenges outlined above.
Centrify solves the “first half” of the SaaS cloud security puzzle by providing two benefits. First by using Centrify’s unique identity-centric mobile device & app management (MDM/MAM) solution, organizations can transparently route cloud app access from end users’ mobile devices and Mac/Windows desktops and laptops through the Elastica cloud gateway. This enables the Elastica service to inspect SaaS traffic and interject the required security controls. Second, Centrify’s IDaaS features allow end users to get 1-click access to these SaaS apps while providing the Elastica service with valuable information on the user’s enterprise identity context & role from the organization’s Active Directory infrastructure.
Elastica solves the “second half” of the SaaS cloud security puzzle by combining multiple information flows from real-time cloud service traffic flows, mobile devices and firewall logs to infer granular user activity. It combines Centrify provided user identity with its advanced machine learning and data science techniques to get deep insights about cloud service user activity & behavior patterns. An automated “ThreatScore” is assigned based on usage patterns that can be used to trigger intelligent security actions.
Gartner research has identified the market need and discussed the emerging market for cloud services brokerage in a note published under “The Growing Importance of Cloud Access Security Brokers”— CASBs are entities that are capable of providing multiple types of security services for accessing cloud applications from a single solution. Gartner concludes by recommending organizations to consider a solution with multiple security policy enforcement capabilities from a single platform to avoid separate siloed solutions.
We believe Centrify+Elastica offers this single solution and look forward to joint customer adoption over the coming months! In the meantime I would welcome to hear your thoughts and feedback on this topic.