Tuesday, January 29, 2013

The Need for Privileged Identity Management

The recent revelation that Barracuda Networks had numerous privileged "backdoor" user accounts with weak passwords once again draws attention to not only the need to have strong passwords but also the need for privileged identity management.


Monday, March 5, 2012

What's New in Centrify Suite 2012.2

Last week we came out with a new release to our suite of solution. This latest and greatest version is called Centrify Suite 2012.2, which updates DirectControl to version 5.0.2, DirectAuthorize to version 2.0.2, DirectAudit to 2.0.2, and DirectManage Deployment Manager to 2.1.2. Customers can download it here while Express users can get it here. While a minor update, we have packed into a number of goodies that I want to talk to you about in this blog post.


Friday, July 30, 2010

Buckle Up With PCI ... It's Becoming the Law

A new Washington state law went into effect earlier this month that makes a business or a credit card processor liable for unauthorized access to credit card information it stores. The key thing with the law is that businesses or processors are not liable if they are PCI DSS compliant, so in effect this further motivates businesses who process credit cards to get compliant. This is part of a growing trend for states to in effect incorporate PCI into state law.


Monday, May 24, 2010

Hardening VMware vSphere Security and the ESX v4 Console Operating System with Centrify

Recently VMware published its official release of the vSphere 4.0 Security Hardening Guide. I was pleased to see that Centrify was the only third-party identity management vendor called out by VMware to "provide tighter integration with Active Directory" when it recommends to use a directory service product for authentication for the ESX Service Console. While Centrify was called out vis a vis the security requirements around Console OS password policies, in looking at the hardening guide it became readily apparent that the Centrify Suite can address a wide range of vSphere hardening requirements for enterprises, and this blog post gives an example of some of the additional value add Centrify can provide.


Friday, May 21, 2010

Comparing the NSS/PAM Implementations of Samba Winbind and Centrify for Active Directory Integration

Many of our customers want DirectControl to seamlessly integrate with Samba - the de facto industry standard CIFS File Server for Linux and UNIX - so I have blogged a few times about what we offer in terms of Samba interoperability as well as on the technical and architectural details around our Samba integration. But because there is a bit of overlapping capability with what Samba offers and what DirectControl offers, we occasionally get questions on how we compare to what Samba offers, so in this blog post I am going to drill down a bit into two areas of overlapping functionality with DirectControl and Samba's windbind capability.


Wednesday, May 19, 2010

PCI Compliance for UNIX and Linux Servers

With the release of DirectSecure earlier this year and the release of DirectAuthorize last year we have broadened our PCI footprint to address additional PCI requirements, so I want to use this blog post to talk about some of the added requirement we now address.


Wednesday, March 24, 2010

Failed IRS Security Audit Highlights Need for Privileged Identity Management

I saw in Network World a recent article with the headline, "IRS security faults leave taxpayer information at risk." In reading the article and digging down into the actual United States Government Accountability Office (GAO) report (entitled "Information Security: IRS Needs to Continue to Address Significant Weaknesses") that the article uses as its source, it turns out that the major findings in the audit were really about the need for comprehensive privileged identity management within the Internal Revenue Service. In this blog post I will analyze the GAO report and map the report to specific capabilities that Centrify addresses.


Monday, March 1, 2010

What is DirectAccess and How You Can Extend it to Non-Microsoft Platforms (e.g. UNIX, Linux)

It was three years ago that Bill Gates made his last appearance at the RSA Conference and introduced the Microsoft vision of "Secure Anywhere Access in a Connected World." It was 2 years later that part of that vision became reality with the introduction of technology in Windows 7 and Windows 2008 R2 called DirectAccess. In this blog post I will give an overview of DirectAccess and discuss how Centrify DirectSecure embraces and extends it to non-Microsoft platforms; i.e. even better together.


Thursday, February 25, 2010

How DirectSecure Encrypts Data in Motion and Why You Need It

DirectSecure can optionally encrypt data in motion. Here are two immediate reasons why you need it.


Tuesday, February 23, 2010

How DirectSecure Can Help Address PCI Network Segmentation and Isolation Requirements

DirectSecure can help you meet PCI DSS requirements around network segmentation and address section 1.2 of PCI regarding restricting connections between untrusted networks.


Monday, February 22, 2010

How DirectSecure Leverages IPsec

In this blog post I will talk more about how DirectSecure works and specifically how it leverages IPsec.


Wednesday, February 17, 2010

Introducing Centrify DirectSecure: Cross-Platform Server Isolation

With the release of Centrify Suite 2010, we introduced two new products: DirectManage and DirectSecure. In this blog post I will discuss what DirectSecure does at a high-level and why customers need it. In later blog posts discuss how it works, give some use cases, and then discuss how it extends Windows 7 DirectAccess to cross-platform environments.


Tuesday, February 16, 2010

Introducing Centrify Suite 2010: An Active Directory Bridge to Privileged Identity Management

Five years and one week ago Centrify entered the market with the announcement of DirectControl version 1.0. Today, we are pleased to announce the release of Centrify Suite 2010. In five years we have gone from 1 product to 5 products, from a few beta sites to over 1500 customers including some of the largest enterprises in the world, and from a classic Silicon Valley startup to a mature, profitable software company with staff throughout the world. In this blog post let me talk about some of the new products and new features that make up Centrify Suite 2010.