Centrify Delivers Industry’s First Privileged Identity Management Solution for Big Data
Centrify Partners with Leading Big Data Vendors Cloudera, Hortonworks and MapR to Extend Security of Hadoop Environments
February 18, 2015
SANTA CLARA, Calif. — Centrify Corporation, the leader in unified identity management across cloud, mobile and data center, today announced the industry’s first privileged identity management solution for Apache™ Hadoop®-based big data infrastructures, as well as partnerships with industry-leading big data vendors Cloudera, Hortonworks and MapR Technologies. With today’s release of Centrify Server Suite 2015, organizations can now leverage their existing Active Directory infrastructure to control access, manage privilege, address auditing requirements, and secure machine-to-machine communication with and across their Hadoop clusters, nodes and services.
The global Hadoop market, powered by the rise in demand for big data analytics, is forecast to grow from $2 billion in 2013 to a staggering $50.2 billion by 2020, according to Allied Market Research. Hadoop clusters often contain sensitive personally identifiable information (PII) and other highly regulated data, so auditing and controlling user and administrator access to Hadoop and its underlying server infrastructure is critical to address both security and compliance requirements for regulations such as SOX, PCI and HIPAA. In addition, Hadoop deployments often introduce duplicate identity silos or have limitations in their support for complex Active Directory environments that can increase both risk and additional costs by not letting organizations seamlessly leverage their existing identity infrastructure and skillsets.
According to Gartner, “With the advent of major compliance mandates, ongoing concerns about application and data security, it is apparent that sensitive data in Hadoop must be protected as well as sensitive data in traditional databases. With the advent of Hadoop 2.0 — and the expanded, real-time applications — the likelihood of sharing data among many users and applications rather than isolating each application, as was often the case in the first generation, increases security exposures. Monitoring and auditing: One aspect of ensuring that information isn't leaking, that changes to cluster are authorized, and that transformations and queries can be traced back to the originating, accountable users of applications and data.”1
Centrify has built new features and compatibility enhancements in the areas of Kerberos network authentication, service account management, and Active Directory and Hadoop interoperability into Centrify Server Suite 2015 to address these concerns and extend the security capabilities provided by the Hadoop platform vendors to now offer robust privilege management for Hadoop environments. This approach also simplifies and streamlines Hadoop deployments by allowing organizations to utilize existing identity management skillsets. In addition, to ensure compatibility as well as vendor collaboration when it comes to technical support, Centrify has built comprehensive integration guides and received product certifications from each of the major Hadoop providers.
“Over the past year or so we have had dozens of our enterprise customers begin to embark on their big data journey, and in doing so they saw immediate significant value in their Centrify identity management solution being applied to their new Hadoop deployments,” said Bill Mann, Chief Product Officer of Centrify. “These customers encouraged us to optimize our solution for Hadoop, which we gladly did, and by collaborating with them and the major Hadoop vendors, over the past year we have built in important Hadoop-specific enhancements which have culminated in the shipment of Centrify Server Suite 2015.”
Benefits of the Centrify Server Suite — the industry’s most widely deployed solution for securing identity on Linux- and Windows-based servers and applications — for Hadoop and big data environments include:
- Simple and secure access to Hadoop environments. Centrify makes it simple to run Hadoop in secure mode by leveraging existing identity management infrastructure — Active Directory — without the hassle of introducing alternative solutions that do not scale and are not enterprise ready. Centrify Server Suite also saves money by letting organizations leverage existing skillsets within the enterprise.
- Single sign-on (SSO) for IT administrators and big data users. By extending the power of Active Directory’s Kerberos and LDAP capabilities to Hadoop clusters, Centrify Server Suite lets organizations leverage existing Active Directory-based authentication for Hadoop administrators and end users. New SSO functionality in big data environments makes users more productive and secure by allowing them to log in as themselves, rather than sharing privileged accounts.
- Secure machine-to-machine communications. Centrify Server Suite automates Hadoop service account management. By automating machine-to-machine credential management, Centrify secures not only user identity but also system and service account identity.
- Reduced identity-related risks and greater regulatory compliance. The reality is that Hadoop environments store most if not all of an organization’s most important data. Centrify Server Suite tracks user activity and associates it with an individual in Active Directory, thereby making data more secure. Centrify also reports on who did what across Hadoop clusters, nodes and services. And, by enforcing access controls and least-privilege security across Hadoop, Centrify delivers cost-effective compliance through combined access and activity reporting.
- Certified solution for superior compatibility and support. Centrify has worked closely with the major Hadoop platform vendors and has received product certification from Cloudera, Hortonworks and MapR. This ensures product compatibility and technical support collaboration between customers, their Hadoop vendor and Centrify.
Pricing and Availability
Centrify Server Suite 2015 is available today from Centrify and authorized partners worldwide. The Centrify Server Suite is licensed on a per server basis and pricing starts at $385 per server. Hadoop customers can request a free evaluation of Centrify Server Suite.
Centrify provides unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT. Centrify’s unified identity management software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and enterprise mobility management. Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent, while improving business agility and overall security. Centrify is used by more than 5,000 customers worldwide, including nearly half of the Fortune 50 and more than 60 Federal agencies. Visit www.centrify.com for more information.
Note 1 – Gartner Inc., “Protecting Big Data in Hadoop,” by Joerg Fritsch and Ramon Krikken, July 14, 2014.
Centrify is a registered trademark and Centrify Server Suite and Centrify User Suite are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
ADDITIONAL SUPPORTING PARTNER QUOTES
“While Cloudera offers comprehensive and compliance ready security, we recognize that organizations need to be able to leverage their investment in existing enterprise tools such as Centrify,” said Tim Stevens, vice president of corporate and business development at Cloudera. “With this partnership, we can offer a range of access management tools to our enterprise customers that enables them to gain the most value from their investment in Cloudera and Centrify. We look forward to continuing our partnership with Centrify and in providing the best enterprise-grade security for Cloudera customers.”
“Centrify is a welcome member of the Hortonworks Certified Technology Partner Program, demonstrating interoperability between Hortonworks Data Platform (HDP) and Centrify Server Suite,” said John Kreisa, vice president of strategic marketing at Hortonworks. “This partnership and certification provides enterprise customers with an Active Directory infrastructure solution to drive their big data projects securely and cost effectively.”
“Centrify’s capabilities around privileged identity management extend our own security enhancements for enterprise-grade Hadoop,” said Jon Posnik, vice president business development, MapR Technologies. “Our customers use Hadoop in a range of applications including those that require a sophisticated level of protection. Centrify’s seamless integration with MapR is a great addition to our partner ecosystem and we expect it to serve as a valuable security option for our customers.”
Ready to protect against the #1 Attack Vector?
Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.