Active Directory-based authentication, access control and role-based privilege management for Windows, Linux & UNIX
Standard Edition + privileged user auditing
Enterprise Edition + encryption of data-in-motion and server isolation
Any Edition + single sign-on for SAP, Apache and J2EE/Java applications
Single sign-on for cloud apps + mobile device supportMac Edition
Active Directory-based authentication and Group Policy management for Macs + mobile device supportPremium Edition
SaaS and Mac Editions + mobile device supportCentrify for Samsung KNOX
Active Directory-based SSO, MCM and MDM for KNOX-enabled devices
Tuesday, December 18, 2012
[Today’s blog is a guest written blog by Peter Christy, an analyst at the Internet Research Group. Peter was kind enough to let us share with readers of the Centrify blog some of his thoughts regarding the shift to “people oriented IT” (also referred by some as “people-centric IT”) and how Centrify’s unified identity services across data center, cloud and mobile capabilities dovetails with this shift.]
The last five years has seen a profound change in enterprise IT catalyzed by the rapid emergence of broadband smart phones and tablets and cloud computing, and characterized by an inversion of enterprise IT from an application-centric to a people-centric structure. For example, 15 years ago there were a relatively small number of core business systems (e.g., ERP), used by a small percentage of employees, typically from their desk, via hardwired connections, and that’s what enterprise IT supported.
Today the world is profoundly different. Every employee has a smart phone and is capable of accessing enterprise IT systems via the Internet directly from essentially anywhere in the world.
As a result, it no longer makes sense to think of these core business systems as the most important components of IT, but instead to focus increasingly on the people served and how to enable them to get the most out of the IT investment. The purpose of IT is to make the employees more productive, and it should be viewed that way more than as the management of some key application assets.
The “people” problems and solutions center on the dual topics of enablement and security. The IT challenge is to enable employee access to information from a variety of devices and a wide range of locations. Opening up access (and making it as convenient as possible) necessarily creates additional security and risk. The art is reasonably balancing the two, neither letting security concerns unnecessarily slow progress, not let the desire for access create unnecessary security risks.
Centrify is a company that has focused on leveraging Microsoft’s Active Directory (the most widely used corporate directory system) beyond what Microsoft has done, first by integrating access control for LINUX systems, and then more recently integrating popular smartphones as well. The core Centrify value proposition in the past is software that makes it much easier to use Active Directory credentials more broadly, for example to control access to a LINUX based application system, or to the use of enterprise apps on a non-Microsoft smart phone.
Centrify began with a security focus: the use of Activity Directory information to control access. But as IT evolves from an IT asset-centric perspective to a user-centric perspective, Centrify is evolving it’s offering to leverage their strong Activity Directory position to enable a much broader use of AD.
|15 years ago||In the future|
|Enterprise IT systems||Just core processes||All the business processes|
|Application users||A few transaction experts||Most employees|
|Access device||Deskside PC||Mobile wireless device|
|Access location||Your desk||Anywhere|
|Application usage modality||Specific data entry and access||On demand, ongoing, mostly for access to information|
|Devices used||One – your PC||Many alternatively|
|Security risk||Limited – access by specific individuals, from known locations for predictable purposes||Very much larger; potentially from any device anywhere|
Centrify is building on (a) its position as Active Directory experts and (b) its position as a trusted partner for enterprise IT to bring to market and entirely new set of AD based services, services that function primarily to help make employees productive rather than function primarily to control access to IT resources. Technically this is a straightforward, evolutionary change: AD is broadly used as a repository that relates employees to assets. It terms of product offering and impact this is a revolutionary change bringing important new functionality to the market just when enterprises need tools to help them deal with the mobile device revolution.