The following is a guest post by a 2016 Secure360 Twin Cities Gold Sponsor Centrify.
According to cyber security experts Verizon and Mandiant, over half — and trending toward 100% — of recent data breaches were due to compromised credentials. These credentials are the digital “keys to the kingdom” and give hackers everything they need to access corporate apps, siphon off sensitive data and damage or destroy critical systems.
Like the ocean tides flowing inland, cyberattackers will always find the course of least resistance into your protected networks and resources. And the research has shown the weakest point is almost always your users and their credentials.
Ultimately unfettered privileged access is the holy grail of cyber attacks. An easy way for attackers is to gain access to shared privileged accounts such as root, local administrator or domain admin accounts.
So let’s buy a privileged account management solution then right? Perhaps, but protecting privileged accounts only solves half the problem. Attackers are increasing their focus on compromising end user credentials in order to leverage corporate network and system access to move laterally into sensitive servers or elevate into privileged accounts. So in fact if you only focus on protecting privileged users you are still leaving end-users open to vulnerability.
Ok then my traditional security perimeter and firewall can protect my end users from attack? Partly, but today’s enterprises are rapidly adopting cloud and hybrid infrastructure, new styles of working, and new ways of connecting remotely. Traditional network perimeters secure only the ingress and egress points of the company managed network. Antivirus, next-gen firewalls and VPN aren’t enough to thwart attacks on the modern enterprise. Modern enterprises need to define a new perimeter based on identity that secures company resources that are located anywhere; including users, devices, apps, data and infrastructure.
So how do we secure both end-users and privileged users from cyber attackers? One option is to select, purchase, deploy and integrate a patchwork of partial security solutions for privileged users including a solution for shared account password management, one for superuser password management, another for privileged access management, and one for privileged session management, don’t forget privileged session recording and monitoring; and solutions for end-users including web and SaaS SSO, a solution for enterprise app SSO, multi-factor authentication tokens and management, enterprise mobility management, mac management, a solution for big data, a solution for cloud infrastructure and the list goes on.
Another approach is to invest in a security platform that gives you full identity security.
The Centrify Identity Platform provides an integrated solution that secures identities for both end users and privileged users. Additionally, Centrify seamlessly extends beyond an enterprise’s internal users to manage external users such as contractors, vendors, partners and customers who access enterprise resources. As attackers cast a wide net, targeting any and all users, a unified and comprehensive approach to managing identities results in better visibility and more effective protection against breaches. A single integrated Identity solution enables enterprises to avoid the higher costs associated with procuring, integrating and deploying disparate identity solutions designed for just one silo of identity.
The Centrify Identity Platform is a hybrid solution that secures enterprise identities and delivers context-aware access control in the cloud or on-premises to meet the needs of any IT environment. The platform supports thousands of cloud-based and on-premises applications. Supported apps include Office 365, Google Apps, ServiceNow, Dropbox, SAP, Apache, DB2 and Hadoop. The platform also supports hundreds of versions of operating systems that span mobile devices running Android and iOS, laptops running Mac OS X and Windows, UNIX, Linux and Windows servers and mainframes running zLinux.
The Centrify Identity Platform unifies identity to minimize the attack surface, control access and gain visibility across today’s hybrid IT world of cloud, mobile and data center. The result is stronger security, continuous compliance and significantly reduced risk of costly breaches.
So when it comes to protecting against the leading point of attack — compromised credentials — don’t be half protected. Make a resolution to be fully protected this year — get full identity security with Centrify.
To learn more on how Centrify’s Platform Approach to Securing Identities can help you, view our on-demand half protected is half not webcast.