Behind the Numbers: Database Authentication and Authorization

Earlier this month, I posted a blog about how most companies I speak with have not implemented a modern database authentication and authorization approach. I also recommended 8 steps IT leaders can take to modernize their database management operations. Upon reflection, I think an interesting follow up would be to take a look at some numbers that further illustrate the need to put effective database authentication and authorization practices in place to secure the enterprise. LOOK AT THE NUMBERS Let’s create a fictitious sample company to examine, called Company X. At the DB Survival Blog site, the accepted high-end number…

Modern Practices: Zero Trust Security

In today’s mobile-first, cloud-first environment, cybersecurity starts with protecting the primary attack vector – privilege identities – with a “never trust, always verify” mindset for Zero Trust Security. Gartner predicts that companies will spend $96 billion in cybersecurity solutions in 2018 alone. While worldwide spending will increase 8% from last year’s total, less than 10% will be spent on Identity and Access Management, the number one attack vector. Clearly there is misinformation and misunderstanding of how to stop a breach. A recent research study with Dow Jones Customer Intelligence, “CEO Disconnect is Weakening Cybersecurity,” revealed that a discrepancy in the C-Suite is weakening enterprise security postures. CEOs mistakenly focus on eliminating malware, while Technical Officers (CIOs, CTOs and CISOs) on the front lines of cybersecurity point to identity breaches – including privileged user identity attacks and default, stolen…

Implementing Modern Approaches to Database Authentication and Authorization

The most common question I hear about Database Accounts is, “Can your solution vault Database Service and other Privileged Database Accounts?” Every time I hear this question, a voice in the back of my head wants to ask, “Have you implemented modern approaches to Database Authentication and Authorization Management?” See the real problem is the majority of Databases and the hosted Database Instances still have legacy Database Authentication and Authorization methodologies applied to them, so we are trying to apply a band-aid to the issue by reaching into the databases and vault the DB local accounts. THREE DATABASE APPROACHES Let’s…

MFA Everywhere: A Tried and True Method in Accelerating Security

While phishing attacks continue to jeopardize today’s organizations (a reported 76% of organizations experienced phishing attacks in 2017), it was refreshing to hear that tech giant Google has apparently eliminated phishing by giving security keys to all of its 85,000 employees. “We have had no reported or confirmed account takeovers since implementing security keys at Google,” a company spokesperson told Krebs on Security last week. “Users might be asked to authenticate using their security key for many different apps/reasons. It all depends on the sensitivity of the app and the risk of the user at that point in time.” This…

Gartner and Centrify Agree – PAM is #1 Security Project for 2018

CISOs are overwhelmed with a multitude of projects that are pulling at their time and resources. All of these projects feel important and usually will have some benefit, but nobody has the time or budget to do it all. So which projects will give you the biggest bang for your buck? How do security professionals prioritize these initiatives? At this year’s Gartner Security and Risk Management Summit, Gartner’s Neil MacDonald revealed the analyst firm’s top 10 recommended security projects for 2018. MacDonald stated that CISOs need to, “focus on projects that reduce the most amount of risk and have the…

Centrify’s Next Strategic Step Forward with Thoma Bravo

I am pleased as CEO and co-founder of Centrify to announce that Centrify has entered into a definitive agreement whereby Thoma Bravo, a leading high-growth private investment firm with a significant track record in cybersecurity, will acquire a majority interest in Centrify from our current venture capital investors led by Mayfield, Accel, Jackson Square Ventures and Index Ventures. We couldn’t be more thrilled to partner with this world class investor who has invested in other great cybersecurity companies like SailPoint, McAfee, Barracuda and others. We believe that this transaction optimally positions us to accelerate our pace of innovation in the…

Making Smarter Access Control Decisions

Hey Siri, block that attacker, please Wouldn’t it be great if Siri, Alexa, or Google Assistant had the intelligence to figure out malicious intent, govern access to our sensitive corporate data, and alert us in real time when something dodgy was going on? Well, they do leverage modern machine learning and AI to make “intelligent” decisions, but they’re clearly not designed for enterprise-grade security. At Centrify, though, we’re using AI and machine learning concepts to develop Next-Gen Access security to do just that. Only it’s not in a soft, cute, platonic solid form factor that sits on your desk….yet. As part…

Cyber Risk Insights from the AIG 2017 Cyber Insurance Review

I read with interest AIG’s 2017 Cyber Insurance Review. In a one sentence summary: cyber insurance claims are up, due to systemic ransomware and wiper malware attacks, the cyber business is booming, but we are still early in the market evolution. Reading the report prompted me to ask three questions regarding Cyber Insurance: How well do insurance brokers understand cyber risk and cyber insurance? What percentage of businesses shopping for cyber insurance truly understand their cyber loss exposure in quantitative terms, and conversely how well do brokers understand their exposure What security controls and policies do businesses have in place…

Stop Breaches with Analytics and Artificial Intelligence

According to Gartner, companies will spend up to $96 billion worldwide on security this year, but research by Centrify and Dow Jones suggests that up to 79% of companies have experienced a significant breach. Forrester estimates that 80% of security breaches involve privileged credentials. It’s understandable: After an intruder gains access to the employees’ devices, they try to snoop the network and install keylogger to get higher privilege credentials (such as root or administrator). Privileged credentials provide greater scope for stealing data en masse than individual accounts do. Traditional Privileged Access Management (PAM) products have been trying to resolve the…

Centrify and SailPoint Join Forces to Apply Zero Trust Security Best Practices to Identity Governance

Today, Centrify is proud to announce the integration of the Centrify Privileged Access Service with SailPoint® Technologies IdentityIQ™ solution. This integration provides joint customers with a single pane of glass for a privileged user’s entitlements and enables issuing access requests for accounts, systems, and existing roles that are controlled by the Centrify Privileged Access Service. This allows for centralized management and control of identities to quickly identify and mitigate access risks of privileged users, while strengthening an organization’s compliance posture. Figure: Centrify Privileged Access Service integration with SailPoint IdentityIQ BRINGING ZERO TRUST SECURITY TO IDENTITY GOVERNANCE One of the essential…