• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

When it comes to cyberattacks, half protected is half not

April 18, 2016 by Corey Williams

user credential logins

Copyright: 123rf

The following is a guest post by a 2016 Secure360 Twin Cities Gold Sponsor Centrify. 

According to cyber security experts Verizon and Mandiant, over half — and trending toward 100% — of recent data breaches were due to compromised credentials. These credentials are the digital “keys to the kingdom” and give hackers everything they need to access corporate apps, siphon off sensitive data and damage or destroy critical systems.

Like the ocean tides flowing inland, cyberattackers will always find the course of least resistance into your protected networks and resources. And the research has shown the weakest point is almost always your users and their credentials.

Ultimately unfettered privileged access is the holy grail of cyber attacks. An easy way for attackers is to gain access to shared privileged accounts such as root, local administrator or domain admin accounts.

So let’s buy a privileged account management solution then right? Perhaps, but protecting privileged accounts only solves half the problem. Attackers are increasing their focus on compromising end user credentials in order to leverage corporate network and system access to move laterally into sensitive servers or elevate into privileged accounts. So in fact if you only focus on protecting privileged users you are still leaving end-users open to vulnerability.

Ok then my traditional security perimeter and firewall can protect my end users from attack? Partly, but today’s enterprises are rapidly adopting cloud and hybrid infrastructure, new styles of working, and new ways of connecting remotely. Traditional network perimeters secure only the ingress and egress points of the company managed network. Antivirus, next-gen firewalls and VPN aren’t enough to thwart attacks on the modern enterprise. Modern enterprises need to define a new perimeter based on identity that secures company resources that are located anywhere; including users, devices, apps, data and infrastructure.

So how do we secure both end-users and privileged users from cyber attackers? One option is to select, purchase, deploy and integrate a patchwork of partial security solutions for privileged users including a solution for shared account password management, one for superuser password management, another for privileged access management, and one for privileged session management, don’t forget privileged session recording and monitoring; and solutions for end-users including web and SaaS SSO, a solution for enterprise app SSO, multi-factor authentication tokens and management, enterprise mobility management, mac management, a solution for big data, a solution for cloud infrastructure and the list goes on.

Another approach is to invest in a security platform that gives you full identity security.

The Centrify Identity Platform provides an integrated solution that secures identities for both end users and privileged users. Additionally, Centrify seamlessly extends beyond an enterprise’s internal users to manage external users such as contractors, vendors, partners and customers who access enterprise resources. As attackers cast a wide net, targeting any and all users, a unified and comprehensive approach to managing identities results in better visibility and more effective protection against breaches. A single integrated Identity solution enables enterprises to avoid the higher costs associated with procuring, integrating and deploying disparate identity solutions designed for just one silo of identity.

The Centrify Identity Platform is a hybrid solution that secures enterprise identities and delivers context-aware access control in the cloud or on-premises to meet the needs of any IT environment. The platform supports thousands of cloud-based and on-premises applications. Supported apps include Office 365, Google Apps, ServiceNow, Dropbox, SAP, Apache, DB2 and Hadoop. The platform also supports hundreds of versions of operating systems that span mobile devices running Android and iOS, laptops running Mac OS X and Windows, UNIX, Linux and Windows servers and mainframes running zLinux.

The Centrify Identity Platform unifies identity to minimize the attack surface, control access and gain visibility across today’s hybrid IT world of cloud, mobile and data center. The result is stronger security, continuous compliance and significantly reduced risk of costly breaches.

So when it comes to protecting against the leading point of attack — compromised credentials — don’t be half protected. Make a resolution to be fully protected this year — get full identity security with Centrify.

To learn more on how Centrify’s Platform Approach to Securing Identities can help you, view our on-demand half protected is half not webcast.

Filed Under: Guest Posts

About Corey Williams

Corey Williams is 20-year grey beard in the IT security and IT management space. He currently serves as a Senior Director of Products and

Marketing at Centrify, the leader in securing enterprise identities against cyberthreats that target today's hybrid IT environment of cloud, mobile and on-premises.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 10 hours ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 1 day ago

  3. Secure360 Conference
    Secure360 Conference: Fascinating stuff about the shift from brick & mortar to e-commerce, from Diamond Sponsor @cisco! https://t.co/4GaYGQKZ1a
    about 4 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.