When we take a look at the security industry as a whole there is a focus on all the various APTs and Zero Day-sorts of unknown attacks. However with the rush to fight the good fight; the basics of authentication, authorization, account protocol (AAA) and least privileged access are too often overlooked. This isn’t from lack of effort but the result of too many well-intentioned identity stores. In fact, Verizon reports that 75% of breaches are executed with legitimate credentials that were compromised. Quite a disturbing fact – but not a surprise. This really validates the need for the industry to put a much greater focus on ensuring there is an understanding of someone’s identity. This is only trending in importance as we see the amount of corporate data creation/storage go from 4% outside of the network to >25% over the next 3 years and I wouldn’t be surprised if that number is higher. By having these basic but essential identity controls in a single identity-store like active directory, implementing the use of multifactor authentication (MFA), and requiring users to sign in as themselves; this can then dramatically enhance security. You can now have single-sign-on (SSO) to cloud or on-premise applications and you can force IT Admins to sign in as themselves and not root. By using a single ID store like AD you can then have role-based policies giving provisioning of users to cloud apps and even having cool things like MDM. Also with Roles you can enforce least privilege access to servers. Now that we know who a user is, we can audit them as well. And amazingly we now have tight security controls, data assurance, easy ability to prove compliance and audit traffic.
With all of the recent breaches publicized in the news, identity management has to be a critical component to think of when determining a security strategy. Our CEO, Tom Kemp, wrote a blog recently titled “Getting to the “Root” of Data Breaches”. I highly recommend reading this blog. It highlights some of the largest breaches over the past year and that compromised credentials or gaining privileged access to highly sensitive data, were the main causes; with data points to back this up. One being the most recent hack at Ashley Madison, which impacted over 30 million users; where screenshots from the data-dump show that commands were run under “root”, in other words, they had the “keys to the kingdom”.
Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches ― compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring. Centrify is trusted by over 5000 customers, including more than half of the Fortune 50.