Mobile Device Management: Your Phone or Mine?

My phone currently sits in my pocket, and as I write this blog, it vibrates silently — reassuring me that I have not lost it, providing updates from friends and family and reminding me of emails and chats I still need to respond to. Because of the inherent convenience and increased productivity they provide, our phones have become indispensable. It’s no wonder company leadership typically embraces the idea of a mobile-enabled workforce. However, mobile access should be tempered by the current security landscape, where the perimeter has shifted to the cloud. Security teams should take note that even with large investments,…

New Trend in the Security Space: Customers Want Vendor Consolidation and a Platform Approach

Starting late last year, I kept on hearing a growing drumbeat from customers that they were highly interested in consolidating the breadth of security vendors and products that they use internally to secure their enterprise. In past years, the talk by customers regarding “vendor consolidation” typically had been more in terms of the purchasing process and not having to deal with getting contracts and negotiating with yet another vendor. This time it was different — it has become clear to customers that having disjointed point solutions leave significant air gaps with regard to securing their enterprise, and that customers are…

How the Centrify Identity Platform Solves the IT Frankenstein Nightmare

In the novel Frankenstein, by Mary Shelly, Victor Frankenstein embarks on a quest to create life by using dead body parts, “collected bones from carnel-houses.” In the novel, the monster is totally uncontrollable and ultimately dooms his creator Victor. Frankenstein is not only a masterpiece of literature, but also represents a perfect analogy for today’s highly distributed business, and government, IT enterprises. Within the IT organizations of large enterprises, it’s very common to have different groups operating with almost complete autonomy, like small “kingdoms,” and these groups may rarely, if ever, coordinate their activities. Sure it’s true, that in some activities…

Top 3 Takeaways from Black Hat 2016

While I’ve been working in identity and access management (IAM) space since the early 1990s, this was the first year that I attended Black Hat, and it is the first year that Centrify has sponsored the event with a booth.  In preparation for it, we heard from many who had attended in the past about potential cyberattacks at the event. As a result, we made sure that everyone attending was prepared and knew what to expect based on previous reports from Black Hat events that we found including: Not Your Average Top 5 Things To Know Before Blackhat Rule 31 Black Hat…

How to Secure Your Mobile Device, In an Unsafe World

You’ve seen the news headlines, “900 Million Android Devices Vulnerable!” Which, at first glance seems pretty shocking — after all, that’s roughly half of all active Android devices. If you are like me though, this kind of news is becoming all too normal. It seems there is always some new hack, exploit or vulnerability. Before this, it was Stagefright – the vulnerability where an attacker could gain control of your device with just an MMS message. When it comes to mobile devices, there is a certain sensitivity. For most of us, if someone is able to gain control of our device,…

Securing Enterprise Identities For Dummies, Part 1

We have written extensively this past year (here, here and here) about how traditional approaches to creating a secure network perimeter are no longer sufficient to protect your organization in an increasingly mobile and cloud world. “Securing this traditional ‘network perimeter’ included layers of firewalls, intrusion detection systems, and other network security devices and systems intended to keep data safe against attack. Attackers know that with the right credentials, they no longer have to fight through the old ‘perimeter’ defenses. They now use stolen credentials to gain access to your critical data, just like an employee.” (from “Securing Enterprise Identities…

Centrify Named a Leader in the Gartner 2016 IDaaS Magic Quadrant

Today Gartner released its Magic Quadrant for Identity and Access Management-as-a-Service (“IDaaS”) and we are pleased to note that Centrify has been named a leader by Gartner in this Magic Quadrant (“MQ”). This is the third year in a row we have been included in the Gartner IDaaS MQ*, and we believe placement in the Leaders’ quadrant validates our unique ability to secure access to apps and infrastructure from any device for all users. Click here for a complimentary copy of the full report.   According to Gartner, “Leaders in the IDaaS market generally have made strong customer gains. They provide…

How To Protect Sales Ops Assets from Data Breach

If you’re a sales operations professional, you sit at the crossroads of user access to vital, proprietary information — to applications (whether on premises or cloud), including all those plugins to your CRM system.  There’s the interface/integration with your finance system, the customer success app, the technical support app, the integration with channel partners, the business intelligence app, the access you provide third party vendors to assist with management of their app…the list goes on. If a bad actor gets access to any one entry point, you’re in trouble.  Compromised credentials are the number one cause of data breaches, according…

For PCI Multi-Factor Authentication is Now Required for Everyone…and You Better Hurry

The “Payment Card Industry Data Security Standard” (PCI DSS) has long been a security and compliance driver for merchants, banks, hospitals, governments and anyone else that handles payment card information. PCI DSS standards are very prescriptive on what is expected in order to secure payment card data at rest and in motion, and also to require individual accountability while limiting access to only those with a need to know. Recently, the PCI council announced the latest release of PCI DSS version 3.2. This update includes 47 total clarifications, eight evolving requirements and three additional items of guidance. One of the…

Blackberry Partners with Centrify for Derived Credential Support on Good Secure Mobility Platform

Live from Mobile World Congress in Barcelona! Today, I am pleased to share that Blackberry has partnered with Centrify to provide an even greater level of security for highly regulated customers in the government and financial sectors that use Good Secure Mobility Platform. Together, Blackberry and Centrify are delivering a turnkey solution for using smart card-derived credentials for secure access to thousands of apps and servers on Good secured mobile devices. Blackberry wanted to open the door to full secure mobility for its public sector customers like state and federal governments, as well as security-conscious financial companies that rely on…