What are CDM and CRED?

The Continuous Diagnostics and Mitigation (CDM) Task Order for CREDMGMT provides guidance and tools to federal civilian agencies to fulfill the Manage Credentials and Authentication (CRED) Function. This functional area is designed to prevent the binding of credentials the use of credentials by anyone other than the rightful owner (person or service). The approved tools provide careful management of credentials, preventing attackers from using hijacked credentials to gain unauthorized control of resources, especially administrative rights. The CRED capability ensures that account credentials are assigned to, and used by, authorized people or services. This solution relies on the results of the…

Am I Affected by the European General Data Protection Regulation?

It’s a year until the biggest shakeup to Europe’s privacy laws in nearly a generation takes effect. The European General Data Protection Regulation (GDPR) will bring sweeping new rules into force, including new consumer rights over how personal data is used, and mandatory 72-hour data breach notifications. Yet there’s still confusion over which companies and what types of data are covered by the law. With firms currently complying with less than 40% of GDPR principles on average, time is running out. That’s why Centrify is running a new monthly blog series designed to raise awareness about the GDPR, as the clock…

Password Vaults Alone Are Not Enough to Stop the Breach

A recent Forrester study examined four levels of identity and access management (IAM) maturity and found a direct correlation between the number of privileged identity management (PIM) best practices implemented and the number of security incidents encountered by an organization. Wait, Isn’t Privileged Identity Management == Password Vault? Nope. Centrally controlling shared access to non-human accounts and automating periodic password rotation for shared accounts reduces risk, no doubt. This is a critical component when minimizing your attack surface and will make it harder for hackers to get in to your environment (initial compromise) — it is a best practice. However,…

PWN2OWN 2017 Outcome: Implement Multi-factor Authentication & Least Privilege

Zero Day Initiative, a security research program that offers rewards for successful hacks, reported that on last day of their recent “PWN2OWN 2017” competition, a team of contestants pulled off an unique and challenging feat: they compromised a virtual machine and managed to “escape” to the host system running the virtualization software.  The hack involved three distinct and challenging tasks: Compromising Microsoft’s Edge Browser Compromising the Guest Operating System (running Windows 10) Compromising the VMware Workstation virtualization software And this was all accomplished through a controlled website. Although this may not be the first time each individual layer was compromised, this…

Undue Privilege Costs Cash and Undercuts Security

Few managers would throw their employee the keys to a big rig with two loaded trailers to pick up a pint of milk from a nearby convenience store. Apart from the problem of parking, the vehicle is massively over-specced for the job at hand, which creates unnecessary safety risks, both to the driver and to other road users. However, this is essentially what occurs each day in businesses around the world as employees are given access to privileged computer accounts that massively exceed the needs of their jobs. The result is often devastating in terms of corporate security with many…

Centrify Supports Data Privacy Day: Take Action Today to Protect Your Privacy!

Centrify is proud to be a Data Privacy Day Champion because we work tirelessly each day to protect our customers and their data privacy.  We believe that all of us, whether at work or as consumers, should be aware of data privacy issues (who has my data? what can they do with it? what are they doing to protect it?) and take steps to protect personal data and business’s data. So, when we found out we could help champion Data Privacy Day we jumped at the chance. In recognition of Data Privacy Day, Centrify brings various supporting messages about how to keep…

Centrify Co-Chairs the 2017 ICIT Winter Summit

Once again, we find ourselves at that stage in the political cycle when the new administration is taking office. That means a revised look at everything — from the economy, to the markets, to the health of our industries. And an evaluation of how effectively we’re protecting all of the above. It is no surprise that cybersecurity is top of mind due to several recent high-profile breaches, many of which were mentioned in our end-of-the-year wrap-up. Perhaps no cybersecurity events were as disturbing as those surrounding the 2016 election. It turns out that many of these attacks would have been…

Why Organizations Need Adaptive Multi-factor Authentication (MFA)

We hear about high profile security breaches frequently. Most of these breaches exploit the system login credentials of end users to get into the company’s network. Leading organizations are recognizing this and are beginning to focus on better securing end user identities. Multi-factor authentication (MFA) is becoming a very popular method for doing this as MFA requires a user to provide more than just a password to access the network. These additional factors of authentication require the user to provide something that only the user knows, has and is. As a best practice, when implementing MFA, it should be setup across…

Good Cyber Hygiene: Everyone is a Privileged User

Yesterday, ICIT published the first in a series of research reports as part of an identity management and cyber hygiene initiative, entitled, “ICIT Analysis: Identity and Access Management Solutions: Automating Cybersecurity While Embedding Pervasive and Ubiquitous Cyber-Hygiene-by-Design.“ Wow, what a title. But worthy of the topic. ICIT Sr. Fellow James Scott and Researcher Drew Spaniel did a thorough job identifying the various pitfalls of cybersecurity and ensuring everyone in the organization cares about cyber hygiene and is on top of their game. They offered several good ideas to meet the needs of today’s environment,  such as use a digital representation…