Story image

Centrify ups fight against enterprise attacks with 'MFA Everywhere'

02 Mar 2016

Centrify has launched a new initiative aimed at securing enterprise identities against compromised credentials, which it says are the most prevalent source of cyber attacks.

Announced overnight at the RSA Conference, Centrify’s MFA Everywhere initiative aims to provide turnkey, adaptive multi-factor authentication, without slowing down users or impacting productivity.

The company says its Identity Platform removes the previous on or off nature of MFA, which resulted in constant prompting for MFA, and the cumbersome nature of physical tokens.

“In the wake of so many high-profile breaches based on stolen or brute-forced password attacks, many businesses have rushed to implement MFA to provide an extra layer of security and mitigate the risk of data breaches,” Centrify says.

“Yet most companies have seen mixed results at best.

“MFA was either reserved for only the most sensitive or vulnerable accounts, or implemented in standalone silos for specific apps or services due to lack of platform coverage.”

Bill Mann, Centrify chief product officer, says MFA needs to be implemented across all users and resources, and in a way that doesn’t hinder users’ abilities to work seamlessly and effectively.

“As attackers get more aggressive and sophisticated, organisations need to get serious about layering on additional factors of authentication for all their enterprise assets. Unlike other vendors that deliver islands of MFA for a subset of users and resources, we are proud to embark and deliver on an expansive MFA Everywhere vision.”

Centrify says its solution supports all types of enterprise users including employees, contractors, outsourced IT, partners and customers, across a range of enterprise resources, including ‘thousands’ of software-as-a-service apps and dozens of on-premises applications, VPNs, network devices and cloud and on-premises servers, with ‘hundreds’ of server operating systems supported.

The offering also supports MFA for privileged command execution and secure shell (SSH) access to servers deployed both on-premises and in an infrastructure-as-a-service environment.

Security can be bolstered with additional factors including push notifications, voice calls, text messages, soft token OTPs, mobile biometrics and OATH-compliant tokens.

The identity management software company says it also delivers MFA support with smart card integration. The company was one of the first vendors to support CAC and PIV smart cards for Apple’s Mac OS and Red Hat’s Enterprise Linux environments.

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.