Driving Cloud-Based Agility at Rémy Cointreau with Centrify

Business requirements and information security priorities have always had a tough time aligning. It’s even become something of a cliché these days to say that security is a block on agility, productivity and growth. Yet it doesn’t have to be that way. Rémy Cointreau’s recent collaboration with Centrify is a great example of how, when implemented correctly, security can actually support the business: in this instance, our move to a more agile, cloud-based infrastructure.  On the opening day of Infosecurity Europe in London, I explained to a packed audience exactly how the Centrify Identity Service is helping our employees work…

Cybersecurity Must Be Top of Mind in the C-Suite

Data security breaches are no longer just an IT problem—they’re a C-suite problem. By now this should be obvious to everyone. Today’s advanced hackers — including cybercriminals, nation states, hacktivists and malicious insiders—are perpetrating ever more targeted, dangerous and frequent attacks. And the cost of these attacks is growing fast. The average total cost of a breach was $4 million in 2016, up 29 percent since 2013. And yet security is still not top of mind in the C-suite. Too many CEOs still consider security breaches merely a cost of doing business — rather than a serious threat to their…

Centrify named a Visionary in brand new Gartner Access Management Magic Quadrant

Centrify has been identified by Gartner, Inc. as a visionary in the 2017 Magic Quadrant for Access Management. Centrify received the honor for our ability to execute and our completeness of vision, which is evaluated based on a deep understanding of the industry, product innovation, and marketing, sales, and geographic strategy. At a time when cyber breaches are rising in volume and velocity, Centrify represents a massive rethink of security. It is the only complete platform that stops breaches through a trifecta of Identity Services for applications, endpoints and infrastructure — both on premises and in the cloud. Unlike other…

Password Vaults Alone Are Not Enough to Stop the Breach

A recent Forrester study examined four levels of identity and access management (IAM) maturity and found a direct correlation between the number of privileged identity management (PIM) best practices implemented and the number of security incidents encountered by an organization. Wait, Isn’t Privileged Identity Management == Password Vault? Nope. Centrally controlling shared access to non-human accounts and automating periodic password rotation for shared accounts reduces risk, no doubt. This is a critical component when minimizing your attack surface and will make it harder for hackers to get in to your environment (initial compromise) — it is a best practice. However,…

Role-based Access Control: Keeping Your Business Out of Harm’s Way

When our baby first started crawling, we installed gates in all the doorways.  This kept her in safe, baby proofed areas.  We didn’t have to worry about her accidently wandering into a room and getting into something that could harm her.  It also allowed us to keep some things “nice” that a toddler would normally want to “play” with. Controlling Access for Security Best Practices But, what does this have to do with role-based access control (RBAC)?  Well everything.  As she grows and gains more skills, we adjust her access to the house.  It might be low tech, but it…

Undue Privilege Costs Cash and Undercuts Security

Few managers would throw their employee the keys to a big rig with two loaded trailers to pick up a pint of milk from a nearby convenience store. Apart from the problem of parking, the vehicle is massively over-specced for the job at hand, which creates unnecessary safety risks, both to the driver and to other road users. However, this is essentially what occurs each day in businesses around the world as employees are given access to privileged computer accounts that massively exceed the needs of their jobs. The result is often devastating in terms of corporate security with many…

How to Stop the Breach in a Hybrid Enterprise

Has your enterprise experienced a data breach in the past two years? If so, it’s time for a wake-up call. In fact, 66% of organizations reported falling victim to a breach an average of five or more times during that time span. The security status quo is a slippery slope. Enterprise networks have expanded beyond the well-defined boundaries that used to protect our important assets from falling into the wrong hands and a new security reality has set in. Traditional security methods can’t protect your organization from breaches, and failure to recognize this new reality leaves your business at risk…

New Trend in the Security Space: Customers Want Vendor Consolidation and a Platform Approach

Starting late last year, I kept on hearing a growing drumbeat from customers that they were highly interested in consolidating the breadth of security vendors and products that they use internally to secure their enterprise. In past years, the talk by customers regarding “vendor consolidation” typically had been more in terms of the purchasing process and not having to deal with getting contracts and negotiating with yet another vendor. This time it was different — it has become clear to customers that having disjointed point solutions leave significant air gaps with regard to securing their enterprise, and that customers are…

Ponemon 2017 Report: The Need for a New IT Security Architecture

It’s annual cybersecurity reporting season and first up in 2017 is the Ponemon Global Study, “The Need for a New IT Security Architecture” sponsored by Citrix. The study reveals global trends in IT security risks and reasons why security practices and policies need to evolve in order to deal with threats from disruptive technologies, cybercrime and compliance. Changes in the workplace and problems managing IT security are also increasing risks to the organization. This report surveyed more than 4000 global IT and security practitioners and discusses the findings that concern risks created by cybercrime, employee negligence and organizational dysfunction and…

RSA: Centrify Survey Reveals Almost Half of Respondents Lack Confidence in Their Company’s Cybersecurity Strategies

Yesterday, we conducted an onsite survey of IT professionals attending the RSA Conference, being held this week at Moscone Center, San Francisco. The poll asked respondents how their companies secure applications and infrastructures in the age of access, and it revealed that only slightly more than half (55%) believe their company’s current technology investment ensures their company’s cybersecurity. This leaves about half of respondents with a lack of confidence in their own organization’s corporate security! While this fact is startling, it shouldn’t be too surprising, since a recent Forrester study, commissioned by Centrify, confirms that in the past two years, two-thirds…