Story image

Centrify ups fight against enterprise attacks with 'MFA Everywhere'

02 Mar 16

Centrify has launched a new initiative aimed at securing enterprise identities against compromised credentials, which it says are the most prevalent source of cyber attacks.

Announced overnight at the RSA Conference, Centrify’s MFA Everywhere initiative aims to provide turnkey, adaptive multi-factor authentication, without slowing down users or impacting productivity.

The company says its Identity Platform removes the previous on or off nature of MFA, which resulted in constant prompting for MFA, and the cumbersome nature of physical tokens.

“In the wake of so many high-profile breaches based on stolen or brute-forced password attacks, many businesses have rushed to implement MFA to provide an extra layer of security and mitigate the risk of data breaches,” Centrify says.

“Yet most companies have seen mixed results at best.

“MFA was either reserved for only the most sensitive or vulnerable accounts, or implemented in standalone silos for specific apps or services due to lack of platform coverage.”

Bill Mann, Centrify chief product officer, says MFA needs to be implemented across all users and resources, and in a way that doesn’t hinder users’ abilities to work seamlessly and effectively.

“As attackers get more aggressive and sophisticated, organisations need to get serious about layering on additional factors of authentication for all their enterprise assets. Unlike other vendors that deliver islands of MFA for a subset of users and resources, we are proud to embark and deliver on an expansive MFA Everywhere vision.”

Centrify says its solution supports all types of enterprise users including employees, contractors, outsourced IT, partners and customers, across a range of enterprise resources, including ‘thousands’ of software-as-a-service apps and dozens of on-premises applications, VPNs, network devices and cloud and on-premises servers, with ‘hundreds’ of server operating systems supported.

The offering also supports MFA for privileged command execution and secure shell (SSH) access to servers deployed both on-premises and in an infrastructure-as-a-service environment.

Security can be bolstered with additional factors including push notifications, voice calls, text messages, soft token OTPs, mobile biometrics and OATH-compliant tokens.

The identity management software company says it also delivers MFA support with smart card integration. The company was one of the first vendors to support CAC and PIV smart cards for Apple’s Mac OS and Red Hat’s Enterprise Linux environments.

AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.