Centrify, the leader in securing hybrid enterprises through the power of identity services, has highlighted the fact that four out of five data breaches last year involved compromised credentials.
Citing the 2017 Verizon Data Breach Investigations Report (DBIR), Centrify Senior Director APAC Sales Niall King said these latest statistics were a case of deja vu. “For years, we’ve seen compromised credentials as a primary cause of data breaches,” he said.
“Verizon’s report states that the number of data breaches involving stolen or weak passwords has gone from 50 per cent to 66 per cent to 81 per cent during the past three years. This alarming trend clearly illustrates that today’s security isn’t working.
“Cyber criminals find the path of least resistance to their target and today that path leads straight from users with self-managed ‘simple factor’ passwords. Since most recent breaches leveraged privileged credentials to gain access to the organisation, securing privileged access in today’s hybrid enterprise is mandatory in achieving a mature risk posture. Passwords alone are not enough.
“While most privilege solutions traditionally vaulted the credentials for shared accounts on-premises, password vaults alone do not provide the level of privileged access security required to stop the breach. Organisations need is a truly integrated solution that combines password vaulting with brokering of identities, MFA enforcement and just-enough and just-in-time privilege, that secures remote access and monitors all privileged sessions.”
Centrify’s single platform secures each user’s access to apps and infrastructure through the power of identity services. It provides adaptive, risk-based access across applications, endpoints and infrastructure. It also offers unique Privileged Identity Management capabilities for moving an organisation from static, long-lived privilege assignments to a just-in-time model where advanced monitoring detects and alerts in real-time when backdoor accounts are created to make it easy to bypass a password vault.
In addition, leaders like Centrify are delivering smarter risk-based MFA to enterprises. By understanding the individual behaviour profile of each user through sophisticated machine-learning techniques, each individual access attempt can be automatically scored as to the level of risk.
For instance, an office worker who follows a set routine by typically logging in from a known device is identified as low risk, allowing immediate access to resources without extra authentication. However, logins from another country, after hours or from an unfamiliar device is flagged as a high risk, so would be blocked or at least required to provide extra authentication factors.
“Reducing the friction for users through more choices in authentication factors, fewer prompts and a more consistent user experience, will go a long way toward reducing reliance on passwords alone,” said Mr King. “The bottom line is that moving beyond password-only security pays off.”
Centrify-sponsored research by Forrester reports that enterprises with mature identity and access management systems experience half the number of data breaches, avoid about $5 million in data breach costs and spend 40 per cent less on identity technology. For more information, click here.
For media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email firstname.lastname@example.org.
Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify is enabling over 5000 customers, including over half the Fortune 50 in the US, to defend their organisations. To learn more visit www.centrify.com.
The Breach Stops Here.
Centrify is a registered trademark of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
- Employees risk enterprise secrets with mobile laxity A US survey revealing many enterprise employees fail to protect the security of their mobile devices should sound a warning bell in Australia warns Centrify’s Asia Pacific director...
- Centrify warns against ignoring ‘security fatigue’ ‘Security fatigue’ is a growing threat to protecting identities and confidential information for businesses and individuals warns Centrify, the leader in securing enter...
- Centrify extends Identity Management and Single Sign-on for business partners and customers Centrify Identity Platform now supports both Partner Identity Management and Customer Identity Management use cases Centrify, the leader in securing enterprise identities ag...
- Centrify backs BYOD initiatives with Day One support and Interoperability of Apple iOS 7 Operating System Centrify Cloud Service for Identity and Access Management of Mac and Mobile Devices supports Apple’s new iOS 7 OS released today SUNNYVALE, California: Centrify Corporation, the l...