Presentation is loading. Please wait.

Presentation is loading. Please wait.

Centrify Identity Service Balancing Security & Productivity

Published byKerstin Lund Modified over 6 years ago

Similar presentations

Presentation on theme: "Centrify Identity Service Balancing Security & Productivity"— Presentation transcript:

1 Centrify Identity Service Balancing Security & Productivity
Peter Havens, Product Management at Centrify John Wu, Solutions Engineer at Centrify

2 About Centrify Founded in 2004
HQ in Santa Clara, CA with global offices in UK, Japan and Brazil Strategic alliances with Microsoft Apple, Samsung and more 250+ resellers

3 Product Awards and Certifications
Forrester Wave Leader: Privilege Identity Management Magic Quadrant Leader: Identity and Access Management as a Service Azure Certifications “Clear choice winner” for SSO and many more …

4 5,000 + Customers, 29 of Fortune 50 Banking & Finance Pharma & Health
Defense & Government Consumer & Energy Technology & Telecom K12 & HiEd We have a strong presence in many important industries such as banking, Retail and Federal Agencies. Centrify is a very trusted technology, proud to have over 5000 deployed customers and 26 of the Fortune 50. 4

5 Centrify Solutions: Unified Identity Management
Mac Workstations Mobile Identity management SSO Group policies VPN-less access Internal Web Apps SAAS Privilege management SAPM/SUPM Session monitoring MFA Internal Servers and Network Appliances What makes Centrify unique is that we offer a unified identity platform across cloud, mobile and data center. Not only do we have the ability to manage your on premise Macs but we also can help unify your data center, manage web based applications and your mobile environment. Essentially we replace the handful of tools currently being used by most companies by offering a single identity management platform. It’s very important to remember that Centrify is non intrusive we don’t require any schema modification nor do we punch holes into your fire wall, we simply leverage your current AD. Cloud Infrastructure

6 We believe that Identity is the New Perimeter
Identity at the center of cyber attacks IT is becoming De-perimeterized

7 Identity at Center of Cyber Attacks…
Centrify’s identity platform was architected to protect businesses against today’s leading attacks. 95% of breaches are from compromised credentials 100% of breaches involved stolen credentials End Users and Privileged Users Problem – Identity is the leading target for today’s attackers. Experts attribute compromised credentials to between percent of all recent data breaches. Verizon 2015 Data Breach Investigations – 95% of breaches from compromised credentials Recent report by Mandiant declared 100% of attacks involved stolen credentials Verizon 2016 Data Breach Investigations - 63% of confirmed data breaches involved weak, default or stolen passwords

8 — 2016 IBM X-Force Cyber Security Intelligence Index
60% of attacks were carried out by insiders, both malicious and inadvertent actors — 2016 IBM X-Force Cyber Security Intelligence Index

9 Modern Enterprises are showing us the future
The IT Perimeter is Dissolving Mac and Chromebooks Mobile SaaS IaaS Access Anywhere Cloud and Mobile Mean Attackers Have More Targets Than Ever

10 Centrify Secures Enterprise Identities against Cyberthreats …
BIG DATA APPLICATIONS CLOUD (IAAS & PAAS) NETWORK DEVICES DATA CENTER SERVERS Secure Access to Apps & Infrastructure From Any Device For All Users PARTNER END USER PRIVILEGED IT USER CUSTOMER OUTSOURCED IT

11 Empowering the Modern Workforce

12 Balance Security Productivity

13 Empowering the Modern Workforce
Multi-factor Authentication Once we have strongly authenticated the user and secured the endpoint… Centrify Identity Platform ... Empower the User with Access Automated Account Provisioning to cloud Apps True SSO to cloud Apps Access to on-prem Apps without a VPN (App Gateway) 802.1x Provisioning for , WiFi & VPN Native Apps deployed to Mac and Mobile Devices App Catalog with Automated Provisioning and Workflow On-prem SSO to Apps and Files (OS X via Kerberos)

14 Mac Management Architecture
APNS APNS Mobile App or Web portal OS X DirectControl Agent Web portal Deployment tool and ZPS Group policies and authentication CSS HTTPS Cloud Connector Group policies templates Active Directory Firewall

15 Provisioning, SSO and MFA to SAAS Apps
Mobile App or Web portal Web portal HTTPS Cloud Connector Active Directory Firewall

16 VPN-less access to internal resources
Mobile App or Web portal Cloud Connector Active Directory RDP or SSH Firewall HTTPS Network appliances, Unix, Linux and Windows servers Internal web applications

17 Demo New User Onboarding

18 Identity AND Endpoint Management
The Power of AND Identity AND Endpoint Management

19 What are We in the Business of Protecting?
Why is Endpoint and Mobile security so important? Securing the endpoints is great but why is so much effort being poured into it? Its all about protecting data, corporate data, PCI data, IP, etc. In today’s modern workforce, the App IS the data. And that is what we are really trying to protect. The App IS the Data!

20 It’s Good to be the Identity Provider…
Since Centrify is the IDP granting access we can make intelligent decisions Who can access what? From Where, when and how? Authentication Profiles Per App Authentication Policies Secured Endpoints get Special Treatment Browsers configured with Identity Certs for True SSO True SSO – Regardless of how the App is Accessed Adaptive Authentication Authentication is truly Adaptive Based on Identity, Device Security Posture, and Context Identity Security Context

21 True SSO & Adaptive Auth Per App Policies

22 Enabling MFA Everywhere
Beyond Passwords Enabling MFA Everywhere

23 MFA Across Your Enterprise
MFA for VPN MFA for Cloud Infrastructure (IaaS) Centrify Identity Platform MFA for On-Prem Apps MFA for Cloud Apps MFA for Server Login and Privilege Elevation MFA for Shared Resources

24 Centrify Multi-factor Authentication Capabilities
Strong authentication – without user hassle Adaptive MFA limits user frustration Based on context, including: Time of day, work hours Inside/outside corporate network User role or attributes Device attributes (type, management status) Location Specific privileged role or command Flexible factors for full freedom Take advantage of a wide set of authentication factors Push notification to smartphones and wearables Biometrics for mobile One time passcode (OTP) over SMS, , or from OATH-compliant devices Smartcard and derived credentials Interactive phone call to user’s mobile device

25 Multi-factor Authentication for Secure App Access
Reduce password risk Enable MFA on a per-app basis Available for on-premises and cloud apps Combine with SSO using standards like SAML and OpenID Connect

26 Multi-factor Authentication for Secure VPN Access
Protect VPN Logins Support for a broad range for VPN servers via RADIUS protocol VPN server communicates with Centrify Cloud Connector to initiate MFA

27 OATH Token Integration
Customers with OATH-based H/TOTP Tokens can use them for MFA Soft Tokens: Google Authenticator, Hard Tokens: YubiKey, etc…

28 Smart Card Login Smart Card devices provide strong authentication
Eliminating passwords completely Derived Credentials for Mobile YubiKeys as a SmartCard

29 Multi-factor Authentication for Servers
Multi-factor Authentication to Cloud Service Multi-factor Authentication for Login and Privilege Elevation Block cyber attacks MFA for Linux login and privilege elevation Unique zone-based policies control step-up authentication through role assignment Servers communicate securely with on-premises Cloud Connector to initiate MFA Centrify Identity Platform ENTERPRISE DATA CENTER Centrify Cloud Connector Jump Box Audit DB Multi-factor Authentication for Linux Login Privilege Elevation Shared Account Sessions and Auditing SERVER SUITE

30 Demo CIS Admin Portal & Mac GPO

31 Q & A

32 SS

Download ppt "Centrify Identity Service Balancing Security & Productivity"

Similar presentations

© 2004-2012. Centrify Corporation. All Rights Reserved. Evolving Enterprise Identity: From the Data Center to Cloud and Mobile Centrify Corporation www.centrify.com.

© Centrify Corporation. All Rights Reserved. Evolving Enterprise Identity: From the Data Center to Cloud and Mobile Centrify Corporation
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
IT can provide users with a common identity across on-premises or cloud- based services, leveraging Windows Server Active Directory and Azure Active.

IT can provide users with a common identity across on-premises or cloud- based services, leveraging Windows Server Active Directory and Azure Active.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Single Identity – Multiple services how do I stay compliant? Wade Tongen NA Commercial SE.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Single Identity – Multiple services how do I stay compliant? Wade Tongen NA Commercial SE.
© 2004-2014. Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.
The Cloud Identity Security Leader. © 2012 Ping Identity Corporation Nair the twain shall meet Enterprise Social Mobile.

The Cloud Identity Security Leader. © 2012 Ping Identity Corporation Nair the twain shall meet Enterprise Social Mobile.
Copyright ©2012 Ping Identity Corporation. All rights reserved.1.

Copyright ©2012 Ping Identity Corporation. All rights reserved.1.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.
Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.
Alessandro Cardoso Microsoft MVP | Readify National Manager |

Alessandro Cardoso Microsoft MVP | Readify National Manager |
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows Infra @MaccaMSOz.

Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.

Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.
FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.

FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Identity is the new Perimeter of Security Wade Tongen NA Enterprise SE Manager

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Identity is the new Perimeter of Security Wade Tongen NA Enterprise SE Manager
Manage and secure identities in a cloud and mobile world

Manage and secure identities in a cloud and mobile world
User and Device Management

User and Device Management

Similar presentations

Ads by Google