Best Practices for Multi-factor Authentication (MFA)

These days, it’s pretty clear that to protect systems and data, organizations need to go beyond traditional perimeter defenses. Because most modern cyber-criminals exploit user credentials to get a foot in the door, user identities have become the new perimeter. And leading organizations are turning to MFA to secure their complex, heterogeneous environments. MFA mitigates password risk by requiring additional factors of authentication: something the user knows, has and is. It’s not difficult to implement, but some up-front planning can further enhance security and save a lot of time and effort. MFA is one of the best ways to prevent…

6 Reactions to the Cisco 2017 Midyear Cybersecurity Report: Part 2

Last week, I discussed the first three reactions I had to the “Cisco 2017 Midyear Cybersecurity Report.” I discussed how vendor consolidation is increasing, how spyware is being branded as malware and how detection of threats is continuously improving. DevOps as a Target In the Vulnerabilities section of the document, Rapid7 describes how DevOps is a target and vulnerability for many companies that may use things like AWS, Azure, or Docker frameworks for development. When these resources are built, they are not always deployed in a secure state and often are left behind to run indefinitely. Identity management tools that…

Post-Brexit Data Flows: Why There’ll be No Place for UK Firms to Hide from GDPR

As with most aspects of the EU, unhindered cross-border data flows are something most U.K. firms just take for granted these days. Thanks to the cloud, huge volumes of corporate data is stored in third party providers’ data centres, frequently not even in the UK. Aside perhaps from those in highly regulated sectors, corporate users don’t think twice about accessing that data, and sending it to and from partners and customers on the continent. However, the U.K.’s departure from the world’s biggest trading bloc raises new questions about the legality of such transfers. In a new report, the House of…

Centrify named “Overall Leader” in KuppingerCole IDaaS Leadership Compass

Centrify is pleased to announce that KuppingerCole Identity as a Service (IDaaS) Leadership Compass Report names Centrify “Overall Leader.” The report also highlights Centrify’s leadership in innovation, product features and market reach. KuppingerCole is a leading analyst covering Identity and Access Management (IAM). This report is the most current and comprehensive look at the IDaaS market, which is one of the fastest growing segments in the Security and Identity markets. According to Jeff Edwards of Solutions Review, The IDaaS market is exploding and it is predicted “that by 2020, 40 percent of IAM purchases will use the IDaaS delivery model,…

Driving Cloud-Based Agility at Rémy Cointreau with Centrify

Business requirements and information security priorities have always had a tough time aligning. It’s even become something of a cliché these days to say that security is a block on agility, productivity and growth. Yet it doesn’t have to be that way. Rémy Cointreau’s recent collaboration with Centrify is a great example of how, when implemented correctly, security can actually support the business: in this instance, our move to a more agile, cloud-based infrastructure.  On the opening day of Infosecurity Europe in London, I explained to a packed audience exactly how the Centrify Identity Service is helping our employees work…

Centrify named a Visionary in brand new Gartner Access Management Magic Quadrant

Centrify has been identified by Gartner, Inc. as a visionary in the 2017 Magic Quadrant for Access Management. Centrify received the honor for our ability to execute and our completeness of vision, which is evaluated based on a deep understanding of the industry, product innovation, and marketing, sales, and geographic strategy. At a time when cyber breaches are rising in volume and velocity, Centrify represents a massive rethink of security. It is the only complete platform that stops breaches through a trifecta of Identity Services for applications, endpoints and infrastructure — both on premises and in the cloud. Unlike other…

Controlling Access is the Key to Cyber Security

Access is the greatest opportunity and the greatest threat for businesses engaging with the online economy. Increasingly, our business systems gather, digest and disperse data throughout our operations, including confidential details about customers, employees and business partners. Mature cyber security processes are vital to protect this confidential information from unauthorised access, which can expose businesses to punishing and potentially lethal brand damage. In fact, even a cursory review of 2016 cybersecurity breaches — including the Yahoo! billion-user revelations, the DNC hack during the U.S. presidential election and the $81 million malware attack against a Bangladeshi bank — reveal their unprecedented…

Thoughts from the 2017 AWS Summit in San Francisco

One of the things I love about partnering with Amazon Web Services is how often they are in front of their user community. In addition to their large, annual user conference called RE:Invent, AWS hosts several smaller regional summits throughout the year. As an APN partner, Centrify had the opportunity to participate in last week’s AWS Summit in San Francisco. We were lucky to be able to visit with a nice cross-section of AWS users — users across multiple industries, many of which were in the Fortune 1000. It was great meeting with these organizations and across the board, companies…

Mirai Lingers, Passwords Fail as IoT Devices Proliferate

A few weeks ago, the Wall Street Journal ran a story about a laundromat in Carbondale, Colorado that was infected with the Mirai internet virus. Unbeknownst to the business owner, an internet-connected video recorder had been infected and was scanning the web for places to spread itself. The only sign that something was amiss was the fact that the device was regularly acting up — disconnecting the remote viewing app and forcing the owner to reconnect it by restarting the digital video recorder. While the story didn’t reveal any new developments, it does serve as an important reminder that malware…

New Trend in the Security Space: Customers Want Vendor Consolidation and a Platform Approach

Starting late last year, I kept on hearing a growing drumbeat from customers that they were highly interested in consolidating the breadth of security vendors and products that they use internally to secure their enterprise. In past years, the talk by customers regarding “vendor consolidation” typically had been more in terms of the purchasing process and not having to deal with getting contracts and negotiating with yet another vendor. This time it was different — it has become clear to customers that having disjointed point solutions leave significant air gaps with regard to securing their enterprise, and that customers are…