US cyberthreat expert calls to rethink security


With 63 per cent of confirmed data breaches involving weak, default or stolen passwords, visiting Centrify executive calls for a new approach to security

centrifylogoIt’s time to rethink security warns David McNeely, a senior executive at Centrify Corporation, the leader in securing enterprise identities against cyberthreats, who is in Australia this week.

Mr McNeely, Centrify’s Vice President of Product Strategy, who has spoken at a Gartner risk management summit in Sydney, said businesses increasingly recognised that “passwords are broken and users have too much access and privilege”. “Staying with the status quo is not viable because password-based security solutions are not protecting us,” he said.

“Verizon’s 2016 Data Breach Investigations Report found that 63 per cent of confirmed data breaches involve weak, default or stolen passwords. Centrify research has found that 52 per cent of employees sometimes share their access credentials with contractors and vendors.

“For organisations to reduce the risks created by hybrid IT infrastructures, they need to move from a position of having too many passwords and too much privilege for users to a situation where all privileged access is logged and monitored as a standard procedure.

“Essential steps in this migration include reducing identity silos so that users only need to remember their network identity and killing off passwords by demanding Single Sign On (SSO) from vendors and developers. SSO enables centralised Multi-Factor Authentication (MFA) and adaptive access control to eliminate problems caused by self-managed passwords.

“A vital step in this process is to enforce least privilege access for your systems. Organisations can reduce risk by replacing shared service accounts with the ability for an authorised employee to login with MFA to temporarily elevate their privilege. This minimises risk because the user is only in the high-risk state for a short time – the duration of the privileged activity – before defaulting back to least privilege.

“Centrify’s vision is to provide secure access to apps and infrastructure for all users from any device. To achieve this goal and survive in a hybrid IT world, organisations need to rethink how they do security.”

Mr McNeely is visiting Australia to attend the Gartner Security & Risk Management Summit in Sydney, where he will deliver a presentation called Rethink Security – Identity Is the New Security Perimeter.

Last week, Gartner announced that Australian organisations will spend around $114.5 million on Identity and Access Management (IAM) technologies this year.

Earlier this year, Centrify collected the IAM “Grand Slam” as the only company awarded leadership positions by the IT industry’s two major independent analyst firms, Gartner and Forrester Research. In June, Gartner placed Centrify in the leaders’ quadrant of its Magic Quadrant for Identity and Access Management as a Service Worldwide report. The following month, Forrester named Centrify as a leader in its Privileged Identity Management report.

About Centrify
Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches ― compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring. Centrify is trusted by over 5000 customers, including more than half of the Fortune 50 in the US.