6 Reactions to the Cisco 2017 Midyear Cybersecurity Report: Part 1

When reading this year’s “Cisco Midyear Cyber Security Report,” a few things jump out that bear discussion. Vendor Consolidation First, one of the key findings is related to the “fragmented security toolbox,” and from it, having so many point solutions solving for security gaps actually creates problems. If they are layered effectively, integrated fully and managed appropriately, point solutions are a winning approach. But when you look at the number of separate solutions that need individual attention to stay effective, the administrative burden deters from incident response plan. This leads to the report’s conclusion that consolidation of vendors limits this effect….

Racing Towards a Zero Trust Access Control Model

Drag racing. From 0 to 60 in less than 2 seconds. It’s all about controlled speed. Success depends on maximizing power, minimizing weight and drag, and no obstacles in the way! In IT when the pressure’s on, admins also want to avoid obstacles. They need to get the job done fast whether it’s an OS refresh, new corporate apps rolling out, or fixing a network outage. For this, they too need power (accounts like “root” or “administrator” with superuser rights). SO, just give your admins full rights all the time. Minimize obstacles, bureaucracy, red tape, friction. Jobs get DONE super…

Centrify Wins PC Magazine’s 2017 Identity Management Solutions Editor’s Choice Award

PC Magazine recently published a review of the top 2017 Identity Management Solutions and we are pleased to announce that Centrify was one of only three vendors that received the Editors’ Choice Award! The Editors’ Choice is awarded annually to products/services that rise above similar products in their categories and the products under consideration have been reviewed by expert analysts in PCMag Labs. Specific features that were commended by PC Magazine were capabilities such as robust reporting, easy to use on-premises app, quick integration with user identities from social networks, and our risk-based authentication that leverages machine learning. Our user…

What are CDM and CRED?

The Continuous Diagnostics and Mitigation (CDM) Task Order for CREDMGMT provides guidance and tools to federal civilian agencies to fulfill the Manage Credentials and Authentication (CRED) Function. This functional area is designed to prevent the binding of credentials the use of credentials by anyone other than the rightful owner (person or service). The approved tools provide careful management of credentials, preventing attackers from using hijacked credentials to gain unauthorized control of resources, especially administrative rights. The CRED capability ensures that account credentials are assigned to, and used by, authorized people or services. This solution relies on the results of the…

Undue Privilege Costs Cash and Undercuts Security

Few managers would throw their employee the keys to a big rig with two loaded trailers to pick up a pint of milk from a nearby convenience store. Apart from the problem of parking, the vehicle is massively over-specced for the job at hand, which creates unnecessary safety risks, both to the driver and to other road users. However, this is essentially what occurs each day in businesses around the world as employees are given access to privileged computer accounts that massively exceed the needs of their jobs. The result is often devastating in terms of corporate security with many…

Announcing Centrify’s New Analytics Service

After about two years of incredible hard work from the Centrify team, I am excited to announce the Centrify Analytics Service! Our goal for Centrify Analytics Service is to extend the Centrify Identity Services Platform to provide risk-based access management across apps and infrastructure. We all by now agree that IT and security teams in any enterprise are challenged with the risk of being breached in an enterprise that spans across cloud, mobile and data center. Traditional perimeter-based security is not good enough anymore, and the industry supports this claim: PwC in Information Security Breaches Survey 2016 titled, “A matter of when,…

How to Keep Active Directory Active in a Hybrid IT World

For enterprise IT, “hybrid” is the word of the year. You’re either operating a hybrid infrastructure model already or you’re teetering on the edge. It’s getting easier now that AWS, Microsoft, Google et al are improving their services in support of such a model. At the Amazon AWS re:invent show in November, every other sentence contained the word “hybrid.” This was in stark contrast to last year where Amazon still firmly believed a total migration was the only logical choice. Some of our customers are very aggressive with plans to dissolve all their data centers and migrate everything to IaaS. The…

The Great Gig in the Sky: Secure Hybrid Cloud

Every day I hear from companies concerned and frustrated over a specific challenge — how to stand up workloads in the cloud while maintaining privileged access security (PAS). Infrastructure-as-a-Service (IaaS) has become the great equalizer. It doesn’t matter whether you’re large or small, in finance, healthcare or government — we all share the same worries when it comes to securing access to, and in, the cloud. I was pondering this the other day while sipping a short, dry cappuccino and listening to Pink Floyd’s Dark Side of the Moon. I had an epiphany. Thanks to Roger Waters & Co, I walked away with…