Welcome!

News Feed Item

Centrify Delivers Innovative Capabilities and Best Practices to Streamline and Secure Adoption of Hybrid Cloud

Centrify Booth #116 at AWS Re:Invent — Centrify, the leader in securing enterprise identities against cyberthreats, today announced new hybrid cloud capabilities and best practice guidance to speed and secure adoption of Infrastructure-as-a-Service (IaaS). Centrify’s solution uniquely provides identity freedom, deployment freedom, and the most comprehensive capabilities for securing privileged access to infrastructure and apps in a hybrid IT environment.

IaaS platforms such as Amazon Web Services (AWS) provide an excellent layer of foundational security, but the shared responsibility model is clear: businesses are still responsible for the confidentiality, integrity, and availability of their data in the cloud. Organizations that are storing sensitive data in the cloud, which is 93 percent according to a recent Forrester survey, need a consistent security model across on-premises and IaaS to reduce the risk of data breach.1 Yet Gartner predicts that 95 percent of IaaS security failures will be the customer’s fault, and more than half of those will be attributed to inadequate management of identities, access, and privileges.2

“Leveraging built-in IaaS security is a great start, but not a complete solution according to the AWS Shared Responsibility Model and AWS Security Best Practices,” said Bill Mann, chief product officer at Centrify. “Centrify makes it easy to securely move infrastructure and apps to AWS, and take advantage of the benefits of the cloud, by providing identity freedom, deployment freedom, and a single, consistent security model across on-premises and cloud infrastructure and apps.”

Identity Freedom

As IT organizations look to migrate internal servers and applications to the public cloud, the fact that these on-premises workloads are hard-wired to on-premises infrastructure such as Active Directory (AD) can slow down the ability of IT organizations to quickly and cost effectively move those workloads to the cloud. Customers want to avoid the costs and challenges associated with managing shared EC2 user accounts and replicating their on-premises identity infrastructure to the cloud. At the same time, IT organizations may still want to leverage their historic investment in Active Directory while maintaining uniform high levels of security across on-premises, private cloud, and public cloud infrastructure and applications.

Centrify’s new Identity Broker capability seamlessly connects servers deployed in the cloud to the customer’s identity provider of choice ― including Active Directory and LDAP directories — without having to replicate complex identity infrastructure in the cloud or set up site-to-site VPNs or one-way trusts and Read Only Domain Controllers (RODCs). For further identity freedom, Centrify customers can now disaggregate themselves from the use of on-premises Active Directory as the backend identity repository for server authentication and solely leverage cloud-based directories such as the Centrify Directory or Google G-Suite Directory.

This new capability extends Centrify’s robust privileged access security solution for hybrid cloud environments. Centrify’s solution simplifies and streamlines the secure adoption of IaaS, implementing and extending AWS security best practices. Centrify vaults AWS Account credentials, controls access to and role membership for the AWS console, audits all privileged activity, and secures privileged access to Amazon EC2 instances and the apps that run on them, all while enforcing Multi-Factor Authentication for identities. This complements Centrify’s single sign-on (SSO) support for thousands of cloud-based Software-as-a-Service (SaaS) applications as well as on-premises applications migrating to the public cloud via Centrify’s support for SAML ― including Centrify’s SAML Toolkit for customer-developed applications that are built in the cloud.

Deployment Freedom

Centrify uniquely offers a single privileged access security solution for hybrid IT that can be deployed as a service, in a private cloud, or on-premises. Deployment tools and scripts make it easy for IT admins to deploy the Centrify solution, enroll servers in the Centrify Cloud Service, vault root accounts, and automate setup of user access to servers.

AWS Security Best Practices

Maintaining security while adopting IaaS doesn’t have to mean starting from scratch. Centrify provides guidance on both implementing and extending AWS security best practices leveraging Centrify’s solutions. Topics covered include:

  • Setting up a common security model. Conventional security and compliance concepts still apply in the hybrid cloud. Leverage and extend on-premises access polices to deploy infrastructure and apps quickly and securely in AWS.
  • Eliminating EC2 key pairs. Minimize attack points by leveraging Active Directory, LDAP, and cloud directories such as Google’s versus creating local accounts and managing EC2 key pairs for authentication.
  • Ensuring Accountability. Leverage existing user accounts or federate access to services and resources in AWS. Create fine-grained permissions to resources, and apply them to users through groups or roles.
  • Implementing least privilege access. Grant users just the access they need in the AWS console, on EC2 instances, and to apps. Implement cross platform privilege management for AWS console, Windows, and Linux.
  • Auditing everything. Log and monitor both authorized and unauthorized activity in EC2 instances. Associate all activity to an individual, and report on both privileged activity and access.
  • Implementing MFA everywhere. Thwart in-progress attacks in AWS. Consistently implement MFA for AWS service management, on login and privilege elevation for EC2 instances, and when accessing enterprise apps.

“Centrify is the only vendor that comprehensively addresses identity for SaaS, IaaS, and on-premises with a single architecture,” added Mann.

1 For more information about this survey, please download the Thought Leadership Paper summarizing the findings at: http://www.centrify.com/forrester-study

2 Gartner “Mitigate Common IaaS Security Risks With Identity and Access Management” by Felix Gaehtgens, August 2016.

About Centrify

Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile, and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches ― compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance, and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security, and session monitoring. Centrify is trusted by over 5,000 customers, including more than half of the Fortune 50.

Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service, and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Evatronix will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Evatronix SA offers comprehensive solutions in the design and implementation of electronic systems, in CAD / CAM deployment, and also is a designer and manufacturer of advanced 3D scanners for professional applications.
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that's no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, explored how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He expla...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
DevOps promotes continuous improvement through a culture of collaboration. But in real terms, how do you: Integrate activities across diverse teams and services? Make objective decisions with system-wide visibility? Use feedback loops to enable learning and improvement? With technology insights and real-world examples, in his general session at @DevOpsSummit, at 21st Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, explored how leading organizations use data-driven DevOps to close th...
Continuous Delivery makes it possible to exploit findings of cognitive psychology and neuroscience to increase the productivity and happiness of our teams. In his session at 22nd Cloud Expo | DXWorld Expo, Daniel Jones, CTO of EngineerBetter, will answer: How can we improve willpower and decrease technical debt? Is the present bias real? How can we turn it to our advantage? Can you increase a team’s effective IQ? How do DevOps & Product Teams increase empathy, and what impact does empath...
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software. They hope to capture value from emerging technologies such as IoT, SDN, and AI. Ultimately, irrespective of the vertical, it is about deriving value from independent software applications participating in an ecosystem as one comprehensive solution. In his session at @ThingsExpo, Kausik Sridhar, founder and CTO of Pulzze Systems, discussed how given the magnitude of today's application ...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
You know you need the cloud, but you're hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You're looking at private cloud solutions based on hyperconverged infrastructure, but you're concerned with the limits inherent in those technologies. What do you do?
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, discussed the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, application p...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...