Downloaded 92 times
Centrify Intellect event
- 1. Secure and AuditAccess to Systems, Devices and Apps Barry Scott Technical Director EMEA Centrify Corporation © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 2. About Centrify • Centrify provides software and on-demand services that secure access from any endpoint to any on- premise/cloud resource • Strength is support for over + platforms of systems, apps and endpoints • Delivers unique “unifying” capability • Unifies X-platform access with existing tool: Active Directory • Unifies control with auditing and analytics • Unifies on-premise & cloud systems, apps, endpoints • Over 4500+ customers • Proven management team and top tier investors 2 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 3. Industry Trends andWhere Centrify Fits Centrify is Focusing on Three Major Trends: • The waves of heterogeneity sweeping the server, end point and application markets • The increasing hybridization of IT resources deployed on premise and in the cloud • The need to address security and compliance requirements for this increasing heterogeneous and hybridized world 3 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 4. Heterogeneity Waves • Server: Mainframes + UNIX + Windows + Linux + Virtualization • End Point: Windows + Blackberry + Mac + iOS + Android + Win8RT • • • • Apps: Packaged apps (SAP, Oracle, etc.) + .Net + Java/J2EE + Salesforce.com + WebEx + Office365 + NetSuite + SuccessFactors Net Net: IT is Becoming More Heterogeneous, Not Less 4 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 5. Adoption of Cloudand SaaS Creates Hybrid IT Environment • Shift occurring from traditional infrastructure to hybrid on-premise/cloud environment 5 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 6. But Major ConcernsStill Exist with Cloud Security Control Compliance 6 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 7. And Compliance isBecoming More Rigorous • Information Risk Management Moves From the Data Center to the Boardroom • European Governments Will Enact More Regulations to Require Enhanced Controls • Organizations Need to Tighten Baseline Controls and Implement Active Monitoring SOX /JSOX PCI DSS FISMA HIPAA 7 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 8. Centrify Vision: UnifiedAccess Management Control, secure and audit access from any device to any resource … On-Premise Cloud Endpoints Servers Software and On-Demand Services Apps (GA Nov 12) … and do so by leveraging existing infrastructure you already own 8 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 9. What We Do:SSO and Granular Access Control • Identity Consolidation: • Role-based access control: Centrify’s agent enables users to login to 300+ Centrify also granularly controls who can non-Microsoft systems and apps with one login to what systems and apps and what username/ password – their Windows (i.e. roles and privileges those users have – all via Active Directory) account Active Directory Distribution Before After Finance Fred Joan Admin using Active Directory Centrify console 9 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 10. What We Do:Auditing and Analysis • Complete Visibility: • Insight into a Security “Big Data” Centrify’s reporting and detail user-level Problem: auditing tells an auditor who has access Centrify is also delivering solutions that to what and exactly what users have provide the intelligence needed to been doing which is especially critical for analyze risks associated with user access privileged IT users and activity 10 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 11. Centrify Suite EXPRESS STANDARD ENTERPRISE PLATINUM Centrify for Mobile DirectManage • Secure & manage iPad, Centralized Management and iPhone, Android Administration • Cloud-based service integrated w/on-premise AD DirectControl Single Sign-On Modules Centralized Authentication and Access Control For Applications With all editions you can purchase SSO modules for: DirectAuthorize • Apache and J2EE web Role-based Authorization and applications Privilege Management • SAP NetWeaver & GUI • DB2 Centrify Insight DirectAudit Splunk-based analytics Detailed Auditing of User solutions Activity Centrify Cloud Tools Extends Centrify Suite to DirectSecure servers running in the cloud Server Isolation and Protection (e.g. Amazon EC2) and of Data-in-Motion provides RightScale interop 11 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 12. Mobile Security viaCloud-based Architecture Cloud Administrator Apple Push Notification Service DirectControl DirectControl IN DEV IN DEV Centrify Cloud for Android DirectControl DirectControl for iOS Manager for SaaS for OpenID Centrify Cloud Service Centrify Cloud Proxy Server DirectManage DirectManage Group Policy ADUC Extension Microsoft Extension Certificate Authority Centrify DirectManage Framework Active Directory Security Infrastructure Cloud Administrator’s AD Account 12 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 13. Why Customers andPartners Choose Centrify Centrify is the “right vendor to choose" for Active Directory integration: Centrify’s solution is “mature, technically strong, full featured, and possess broad platform support.” “We recommended that clients strongly consider Centrify … its products can fit well within a multivendor IAM portfolio.” Experience & Expertise The Best Solution • 4500+ enterprise customers • Single architecture based on AD • Largest dedicated team • Comprehensive suite • Unparalleled 24x7 support • Proven success in deployments • Record growth and profitable • Non-intrusive Industry Awards Industry Certifications 13 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 14. Learn More andEvaluate Centrify Yourself WEB SITE www.centrify.com TECHNICAL VIDEOS & MORE www.centrify.com/resources SUPPORTED PLATFORMS www.centrify.com/platforms REQUEST AN EVAL www.centrify.com/trial FREE SOFTWARE www.centrify.com/express CONTACT US www.centrify.com/contact PHONE Worldwide: +1 (408) 542-7500 Europe: +44 (0) 1344 317950 14 © 2004-2012. Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
- 15. Thank you. © 2004-2012.Centrify Corporation. All Rights Reserved. Confidential and Proprietary.
Editor's Notes
- #3 For decades, identity management has played a major role in enterprise security.But SoMoClo changes it all: as cloud computing, mobile device access and social networking redefine the network boundary, identity is taking center stageThe walled fortress is done:The perimeter is no longer defined by your network and your definition of secure, non-secure, internal or external is irrelevant. With a fluid enterprise, users and the devices used to access your critical data are multiplying. Add virtualization, public, private and hybrid cloud environments to the mix, and you get a Volatile, Uncertain, Complex and Ambiguous (VUCA) network. With less physical control, it's not about securing what's behind your firewall, but securing what's beyond.Status quo not an option:Get identity right and you'll harness the power of these disruptive mega-trends for a competitive advantage. Get it wrong and entering this new world order will be painful, costly and potentially impossible.IDC shows 2010 IAM revenue at $3.7 billion and forecasts that the market will reach $5.5 billion by 2014. This is license and maintenance revenue only and is exclusive of managed service provider revenue (e.g., Accenture and Deloitte). Centrify also plays in the privileged identity management market; IDC sees this is a competitive market within IAM. PIM is critical to companies today as implementation drives the ability to monitor, track, and evaluate how access rights are being used deeper by focusing on the privileged user environment within an organization. PIM is projected to reach $425 million in software revenue by 2015.
- #5 Add’l Highlights from Forrester report around ENDPOINT:- Managers and execs are more than twice as likely to use Apple products.- Younger info workers are twice as likely to use Apple products as older ones.- Higher income workers are more likely to use Apple products.Note: The use of Apple products is pretty strong down the income scale. Most of our sample of 10,000 global info workers earns less than $50k, but the adoption rate of Apple products is almost 17% even in the bottom quartile of workers who make less than $12k per year.Info workers in countries outside North America and Europe are more likely to use Apple products for work.While North American companies no doubt like to save money, ease and speed of deployment are their top two reasons for SaaS adoption, followed by lower total cost of ownership, according to the Gartner research. North American companies also value SaaS' ability to lower capital expense more highly than their global counterparts do, says Gartner Research Director Sharon Mertz.CRM is the top SaaS application across all regions, almost surely due to the dominant position of Salesforce.com. North Americans are more likely than other regions to use SaaS Web conferencing, e-learning and travel bookingReferenceshttp://blogs.gartner.com/thomas_bittman/2012/03/21/top-five-server-virtualization-trends-2012/http://www.bloomberg.com/news/2012-05-24/vmware-declines-on-slower-growth-warning-san-francisco-mover.htmlhttp://www.mendeley.com/research/virtual-machines-market-share-through-2012/http://blog.sciencelogic.com/server-virtualization-management-and-more-at-gartner-summit/06/2010http://www.unitrends.com/blog/hyper-v-vmware-es-2012/http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0http://techcrunch.com/2012/01/25/android-may-have-consumer-market-share-but-ios-is-tops-in-enterprise/http://www.imore.com/2012/01/27/ios-beats-android-enterprise-activations/http://www.itbusinessedge.com/cm/blogs/all/gartner-saas-growth-shows-no-signs-of-slowing/?cs=48600http://www.gartner.com/it/page.jsp?id=1791514http://softwarestrategiesblog.com/tag/idc-saas-forecasts/http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0
- #8 Information risk management moves form the data center to the board room - Board room risk profiling will focus on information risk management and ways to connect strategy, risk management and policy directly to system level protection. - Most organization will be looking to implement guidelines similar to NIST SP 800-39 (Managing Information Security Risk Organization, Mission, and Information System View which provides framework for considering/implementing corpinforrmation security governance)Congress will enact more regulations to require enhanced controls - Bottom line: Threats will increase and regulation at State and Federal levels will become more stringent especially in the area of fines.Organizations will be required to tighten baseline controls and implement active monitoring - Outsourcing, the move to the cloud and shared environments will require locking down and tracking access to sensitive systems regardless of where they reside… - Some service providers are accepting risks that their clients are not fully aware of… organziations will need to have their own controls to secure access and track activity to manage their risk appetite while taking advantage of outsourcing, shared infrastructure economies of scale