One of the biggest issues with today’s enterprise security solutions is that they are focused on protecting the perimeter. Unfortunately, that tactic is simply not enough in a technology landscape where cyber attackers are exploiting end users’ identity vulnerabilities to infiltrate entire companies.
Centrify specializes in identity security and Identity-as-a-Service (IDaaS) to protect what have become the weakest entry points to the enterprise. TMCnet Group Editorial Director Erik Linask (News - Alert) got to speak to Bill Mann, SVP of products and marketing at Centrify, about the security space at the recent Editors Day Santa Clara 2015 event.
“Most IT organizations are struggling with the landscape out there with breaches,” said Mann. “It’s actually not getting any better. As companies are moving toward using cloud and mobile, the whole approach to security that we’ve had until today, which is all around protecting the perimeter, is just not going to work anymore.”
He added that there are simply too many devices in use, too many passwords, too much access to sensitive information and too much privilege. And the common denominator in all major enterprise breaches has been using compromised identities as the attack vector to access “privileged” information.
“We fundamentally believe identity is the new perimeter,” said Mann of Centrify’s approach to security. “And that’s got to be the new way we’ve got to think about security moving forward.”
The company takes a multi-tiered approach to securing enterprise users’ identities as well as those of privileged accounts like IT administrators, who have access to sensitive information. They accomplish this through a platform approach that offers context-based policies to determine access using a number of parameters. These include the point of access (i.e. the device), the location of the access attempt and whether the access pattern is typical for the individual user based on historical patterns and data. Identity management is provided for both end users and privileged users through this system, relying on a variety of metrics to ultimately determine if access should be granted.
Mann added that single sign-on (SSO), multi-factor authentication can also be valuable in protecting user identities, along with provisioning and de-provisioning application access. Centrify’s solution makes it easy for administrators to add and remove access for both end users and privileged users, with the goal of reducing access in general to protect the enterprise.
Centrify recently announced a partnership with Dropbox (News - Alert) to provide its IDaaS solution for Dropbox for Business. The solution offers SSO, automatic user provisioning and mobile device management to Dropbox business users. The companies are also integrating their solutions for Cloud Access Security and Enterprise Mobility Management.
See the full interview below: