Centrify, the leader in securing hybrid enterprises through the power of identity services, has unveiled its Zero Trust approach to security. Zero Trust assumes that everything — users, endpoints, resources — is untrusted and must always be verified to decrease the chance of a major data breach.

As retailers gird themselves for Christmas sales, Centrify has warned that the increasing size and frequency of data breaches clearly demonstrate that old security models based on protecting network perimeters are failing both businesses and consumers. This is a significant lesson for Australia, where the mandatory data breach notification law takes effect from February next year.

At last week’s Gartner Identity and Access Management Summit in Las Vegas, Centrify chief product officer Bill Mann explained that Zero Trust was the right approach to security today due to the porous network perimeter created by the rise of remote workers, BYOD devices and cloud resources. “The modern hybrid enterprise must adopt a Zero Trust security model,” he said.

“Remote employees on BYOD devices accessing SaaS applications are as common today as someone sitting at their workstation inside the office. Centrify is committed to helping its customers embrace this reality by moving towards a Zero Trust security model where all access is authenticated, authorised and encrypted – with identity at the centre.”

Customers increasingly recognise that older, network-centric security approaches no longer apply. Today’s hybrid enterprise requires more application-centred models, with access grounded in identity. At his Gartner IAM Summit session, Mann explained how Zero Trust delivers benefits including:

  • Identity Assurance, which evaluates the security posture of a user based on location, device and behaviour to determine whether users are who they say they are
  • Trusted Endpoints, which only allow access to corporate resources from trusted endpoints, whether it’s a corporate owned, BYOD or public desktop, laptop or mobile device
  • Conditional Access, which grants just-in-time access to specific applications and infrastructure for a limited timeframe to users with a confirmed identity and who are using a trusted endpoint when logging in, and
  • Least Privilege, where just enough privilege is granted, just in time to perform the needed operations and lateral movement is limited.

Mann’s talk also highlighted major innovations that amplify the need for Zero Trust networks, such as machine learning, the move to ephemeral servers, the adoption of microservices and security convergence.

Zero Trust security model product enhancements 

To further its move towards a Zero Trust security model, Centrify has joined the FIDO (Fast IDentity Online) Alliance and strengthened its integration with Yubico. Centrify Identity Services provides support for the FIDO Alliance’s Universal 2nd Factor (U2F) specification, an authentication standard designed to be open, secure, private and easy to use.

Centrify already leverages Yubico’s YubiKeys for PIV Compliant and OATH-based authentication, and is further strengthening the partnership with this new support for FIDO U2F authentication. FIDO U2F-certified authentication is recognised by the National Institute of Standards and Technology (NIST) as the highest Authenticator Assurance Level (AAL3) in the NIST Special Publication 800-63 Revision 3.

“As co-creator of the FIDO U2F standard, Yubico believes that secure, easy-to-use and scalable authentication should be available to everyone,” said Jerrod Chong, VP of Product at Yubico. “Centrify shares our mission to bring greater security and convenience to the enterprise. By adding FIDO U2F support, Centrify has the most complete set of YubiKey integrations available from a technology partner.”

Centrify is also extending the reach of its Zero Trust model by continuing to build on its support for container-based ephemeral architectures, which enterprises are embracing to improve application development speed and deployment agility. Centrify Infrastructure Services is now the only privileged identity management vendor to offer host-based privilege controls for CoreOS Container Linux, the leading container operating system. Centrify Infrastructure Services provides conditional access and least privilege control to CoreOS deployments.

For Centrify media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email john@impress.com.au.

About Centrify
Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry-recognised leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure each user’s access to apps and infrastructure through the power of identity services. This is Next Dimension Security in the Age of Access. Centrify enables more than 5000 customers, including more than half the Fortune 50 in the US, to defend their organisations. To learn more visit www.centrify.com
The Breach Stops Here.
Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
