Rapidly Extending our Cloud Identity Solution

At Centrify, we are aggressively implementing our vision of Unified Identity Services which lets enterprises centrally manage identities across data center, cloud and mobile to optimize cost, agility and security — with the net result being one single login for users and one seamless identity infrastructure for IT. We are taking a decidedly “mobile first” strategy vis a vis identity, and in past blogs I have talked about how we are enabling Zero Sign-on from mobile devices (such as the recently announced Samsung Galaxy Note 3 and Galaxy Note 10) as well as ensuring that the underlying mobile device that users are using are managed and secured. In this blog post I want to talk about some of the recent enhancements we have made to our SaaS Management and SSO capabilities.

[Side note: At Centrify we run a “train” model for our cloud service where every three weeks to one month we update our Centrify Cloud Service with incremental functionality, so users can quickly get the latest and greatest features that they are requesting. This is different from the on-premise software model where nimble vendors such as Centrify deliver software upgrades every 3 to 6 months whereas our on-premise software competitors are slower and more lethargic and deliver updates every 1 to 3 years.

Part of our success in being able to rapidly iterate both from a cloud service and on-premise software perspective is our huge investment we have made over the years in Quality Assurance (“QA”) in terms of both automation and personnel, so that we can ensure that a new release does not “regress.” In fact we nearly have a 1 to 1 ratio of developers to QA which is markedly different from what competitors in the cloud, mobile and on-premise software spaces have. We also have development and QA centers in different time zones, so often when an engineer checks in his or her code in the late afternoon, a QA person is coming into the office and starting to test it out. This means in effect during workdays we are running a 7×24 software engineering factory which also means our ability to deliver new releases for both cloud and on-premise software is noticeable quicker without sacrificing quality given the investment I described in QA above. ]

Now back to the new features we have recently added to our Cloud Service. I want to highlight three features in particular that we have recently added:

  1. Localization into multiple languages of our MyCentrify portal (for end users) and our Cloud Manager portal (for IT)
  2. Per tenant branding
  3. Multi-factor support

Localization of our Cloud Service

With the latest release of our cloud service, we have started delivering local language support for our web-based interfaces as well as the corresponding documentation has been localized. The first language supported is simplified Chinese to be followed in later releases by 13 other languages for a total of 14 (!!) languages to be supported by our cloud service. No other cloud identity vendor offers such broad language support (or even comes close), which is key as end users are often in multiple countries speaking different languages but yet need access to mission-critical SaaS apps. Below is a screenshot of our support for Chinese that is available now:

Screenshot in Chinese

And here is our IT staff interface in Spanish that will be released shortly

screenshot in Spanish

Per Tenant Branding

The MyCentrify portal is and Active Directory-integrated portal gives each user a personalized view of their approved apps, their Mac and Mobile devices, and their activity, plus self-service features. By default it is branded “Centrify” (as shown in the screenshots above) but often customers want to brand this user portal to be their own company name with corresponding company colors etc.

The Centrify Cloud Service now supports per tenant branding, meaning each end user organization can brand their end user’s interface by customizing the login background color and logo as shown below:

Centrify Cloud Service now supports per tenant branding

Dashboard with custom branding

Multi-Factor Authentication

The final major feature we have added is Multi-Factor Authentication aka MFA. As a SSO as a Service offering, it makes perfect sense that you would want to be as cautious as is reasonable in allowing access to so many applications protected only by a username and password. With our latest release of our cloud service we have released the first of several capabilities to enforce more than a single username/password authentication factor. So much like to get money out of an ATM machine you need both a card (something you have) and a PIN (something you know), we also want to provide a similar multi-factor experience beyond knowing a password to access all your apps or certain apps through the MyCentrify portal.

In addition, the reality is that many SaaS ISVs such as Dropbox, Google and many others are adding 2-step/MFA experiences to their individual applications. Each of these experiences are different and must be individually configured and maintained. Most of them are not applied when an SSO solution is being used. With this new feature, Centrify for SaaS provides a single policy management location for applying MFA across thousands of applications exposing a very straightforward experience for the end user.
I want to go into more detail on this feature as I think it is quote cool, so I will use my next blog post to discuss it, but hopefully you can see from this blog post that Centrify is iterating really new cool features rapidly and driving functionality such as localized support for 14 languages that is unique in the industry.