Driving Cloud-Based Agility at Rémy Cointreau with Centrify

Business requirements and information security priorities have always had a tough time aligning. It’s even become something of a cliché these days to say that security is a block on agility, productivity and growth. Yet it doesn’t have to be that way. Rémy Cointreau’s recent collaboration with Centrify is a great example of how, when implemented correctly, security can actually support the business: in this instance, our move to a more agile, cloud-based infrastructure.  On the opening day of Infosecurity Europe in London, I explained to a packed audience exactly how the Centrify Identity Service is helping our employees work…

Mobile Device Management: Your Phone or Mine?

My phone currently sits in my pocket, and as I write this blog, it vibrates silently — reassuring me that I have not lost it, providing updates from friends and family and reminding me of emails and chats I still need to respond to. Because of the inherent convenience and increased productivity they provide, our phones have become indispensable. It’s no wonder company leadership typically embraces the idea of a mobile-enabled workforce. However, mobile access should be tempered by the current security landscape, where the perimeter has shifted to the cloud. Security teams should take note that even with large investments,…

Time to Ditch Passwords: Taking the Centrify Message to Infosecurity Europe

London Olympia will again be the venue this week as experts from around the world flock to the capital for the annual Infosecurity Europe show. With over 13,000 visitors expected over the three days, this is one of the biggest industry events around. Centrify will be there on Stand C65 to share why we think our range of advanced identity services are the only way IT leaders can secure their hybrid enterprise against modern threats. Attendees also have a great opportunity to hear first-hand from customer Remy Cointreau on the challenges of becoming a more secure and agile organisation through…

What are CDM and CRED?

The Continuous Diagnostics and Mitigation (CDM) Task Order for CREDMGMT provides guidance and tools to federal civilian agencies to fulfill the Manage Credentials and Authentication (CRED) Function. This functional area is designed to prevent the binding of credentials the use of credentials by anyone other than the rightful owner (person or service). The approved tools provide careful management of credentials, preventing attackers from using hijacked credentials to gain unauthorized control of resources, especially administrative rights. The CRED capability ensures that account credentials are assigned to, and used by, authorized people or services. This solution relies on the results of the…

Controlling Access is the Key to Cyber Security

Access is the greatest opportunity and the greatest threat for businesses engaging with the online economy. Increasingly, our business systems gather, digest and disperse data throughout our operations, including confidential details about customers, employees and business partners. Mature cyber security processes are vital to protect this confidential information from unauthorised access, which can expose businesses to punishing and potentially lethal brand damage. In fact, even a cursory review of 2016 cybersecurity breaches — including the Yahoo! billion-user revelations, the DNC hack during the U.S. presidential election and the $81 million malware attack against a Bangladeshi bank — reveal their unprecedented…

How Can User Behavior Analytics Kill the Password?

Last time, I wrote about adaptive authentication and briefly touched on behavior analytics being an integral part of adaptive authentication. For true behavior analytics, you need some smart AI powered multi-factor authentication (MFA). Now, if you think about it and put the pieces of the puzzle together you might be able to kill passwords altogether. Wouldn’t that be nice? You no longer need to remember any passwords and all you need is access to one of your MFA tools when authenticating. With the increased use of smart phones and other devices for MFA, businesses now more than ever have the…

Déjà vu! Verizon Reports Compromised Credentials Are (by far) the Leading Cause of Breaches

Another year has gone by and the words from the 2016 Verizon Data Breach Investigations Report (DBIR) still ring true: “We’re not mad, just disappointed.” The 2017 Verizon Data Breach Investigations Report (DBIR) paints a déjà vu portrait of data breaches where 81% of hacking-related breaches leveraged either stolen and/or weak passwords. You have to hand it to cyber criminals, they are no hacks (pun intended). Much like the flow of water, they find the path of least resistance to their target and today that path is clearly straight through your users and their self-managed “simple factor” passwords. Look at…

Don’t Open that Google Doc Link: Another Phishing Scam

Yesterday, Google users were targeted by a spear phishing campaign that some cybersecurity researchers believe to be one of the fastest-spreading attacks of its kind in history. This attack was highly effective, as the phishing emails were harder to spot since they were from familiar senders. Most users were likely easily fooled into trusting a message from a known contact, which made this scam easy to spread and propagate quickly. While the hole was quickly patched by Google, it is always prudent to check the URL of a link before clicking on it to verify it is spelled correctly and…

Am I Affected by the European General Data Protection Regulation?

It’s a year until the biggest shakeup to Europe’s privacy laws in nearly a generation takes effect. The European General Data Protection Regulation (GDPR) will bring sweeping new rules into force, including new consumer rights over how personal data is used, and mandatory 72-hour data breach notifications. Yet there’s still confusion over which companies and what types of data are covered by the law. With firms currently complying with less than 40% of GDPR principles on average, time is running out. That’s why Centrify is running a new monthly blog series designed to raise awareness about the GDPR, as the clock…

Role-based Access Control: Keeping Your Business Out of Harm’s Way

When our baby first started crawling, we installed gates in all the doorways.  This kept her in safe, baby proofed areas.  We didn’t have to worry about her accidently wandering into a room and getting into something that could harm her.  It also allowed us to keep some things “nice” that a toddler would normally want to “play” with. Controlling Access for Security Best Practices But, what does this have to do with role-based access control (RBAC)?  Well everything.  As she grows and gains more skills, we adjust her access to the house.  It might be low tech, but it…