Five Best Practices for Zero Trust Security

The Centrify Zero Trust Security model is effective because it allows organizations to remove trust from the equation entirely. Based on the assumption that untrusted actors already exist inside and outside the network, Zero Trust leverages powerful identity services to secure every user’s access to apps and infrastructure. Only after identity is authenticated and the integrity of the device is proven can access to resources be granted–but even then with just enough privilege to perform the task at hand. Here are five best practices for achieving Zero Trust security: Always Verify the User with Multi-factor Authentication (MFA) The days of…

Zero Trust Security for the New Australian Data Breach Law

Many Australian businesses need to rethink their approach to security to prepare for their nation’s new mandatory data breach notification law which take effect this month. The Privacy Amendment (Notifiable Data Breaches) Act 2017 enacts the Notifiable Data Breaches (NDB) scheme in Australia from February 22 this year. The NDB scheme mandates that organizations suffering lost or breached data must notify affected customers as soon as they become aware of the breach and must also report the incident to the Privacy Commissioner. The legislation covers information such as personal details, credit reports, credit eligibility details, and tax file number (TFN) records…

Escaping Data-Breach Groundhog Day

Countless companies globally are trapped in data breach Groundhog Day, unable to escape a repeating cycle of cyber attacks. In the 2018 Thales Data Threat Report, produced by 451 Research, the key theme is that while spending in IT Security is increasing, breaches are increasing at a faster pace and becoming more costly. As in past years, the 451 Group report indicates that companies cyber budgets are being spent in areas that have been identified as least effective in securing data. “Clearly, doing what we have been doing for decades is no longer working. The more relevant question on the…

What do Equifax, HBO, Uber and Yahoo All Have in Common?

A consumer ratings agency, a cable network, a transportation company and a web services provider. What ties them together? Sure, they were all impacted by very high-profile security breaches. But, if you dig a little deeper, you’ll find these organizations had a lot in common before, during and after their respective breaches. And those commonalities can teach us valuable lessons. A quick recap Equifax became the latest poster child for cybersecurity after it announced criminals had gained access to the financial data of 143 million people. The massive breach led to 23 class-action lawsuits, a $4.3 billion loss in market…

Centrify to Discuss Zero Trust Security at the ICIT 2018 Winter Summit

Following the high-profile breach of the US Office of Personnel Management (OPM), which exposed the personal data of millions of Americans, the House of Representatives’ Committee on Oversight and Government Reform issued a report on the attack in 2016. That report provided an exhaustive account of the events leading up to the breach, illustrating how a hacker posing as an employee of an OPM contractor was able to use false credentials to log into the system, install malware and create a back door into the network—a back door that was exploited for four years before it was discovered. The report makes…

Centrify Predicts: Cybersecurity in 2018

As we start 2018, we have continued to see major breaches across industries, only last year we witnessed at least two companies — Uber and Equifax — opt to hold off on alerting the public to their respective cybersecurity breaches and make them public at a later, more convenient date. Whether a coincidence or a trend in the making, time will tell. What we do know is that these were among a handful of security “events” that will help shape the year to come. Here are our predictions for 2018. Organizations will respond to the current threat landscape with a…

Centrify Joins FIDO Alliance and Expands Partnership with Yubico

Centrify has been busy building innovative technology and powerful partnerships. This post will talk about a longtime partnership, cool tech, and a deeper level of integration. Centrify and Yubico have been partners for more than three years already and work together with joint customers, in the field, and at a corporate level. Centrify and Yubico U2F Integration To further its move towards a Zero Trust Security Model, Centrify joined the FIDO (Fast IDentity Online) Alliance and strengthened its integration with Yubico. Centrify Identity Services now provides support for the FIDO Alliance’s Universal 2nd Factor (U2F) specification, an authentication standard designed to…

The Year in Review: Rethink Security

During a year of high-profile breaches like Equifax, HBO and Uber, as well as the realization that Yahoo’s highly-publicized 2013 breach compromised the accounts of all three billion of its users, the tide started to turn in 2017. Organizations, industry experts, thought leaders, the media and even consumers began to understand the status quo simply isn’t working. Ideas like Zero Trust and comprehensive identity protection moved center stage and the Centrify solution advanced into the spotlight. After a survey at the RSA Conference revealed that just 55 percent of IT pros believe their company’s current technology ensures security, and a…