Archive for October, 2016

Centrify Reveals Seven Tips to Reduce Risks of Data Breaches …

SANTA CLARA, Calif.–(BUSINESS WIRE)–Centrify, the leader in securing enterprise identities against
cyberthreats, today shared seven tips for enterprises to effectively
combat cybercrime. Employee training and cyber awareness, combined with
a solid defense strategy and best-in-class cybersecurity tools and
software, are essential to reducing the risks of data breaches.

In the modern age, cyber safety is just as important as physical safety.
It’s time for every organization to get proactive with cybersecurity,
because every organization is vulnerable to attack. Cyber risk is
present at every level in every company from the break room to the board
room. And according to Ponemon’s
2016 Cost of Data Breach Study
, the average cost of a data breach is
$4 million.

Below are a few best practices for enterprises to effectively combat
cybercrime, while reducing IT security budgets:

  • Consolidate identities: Sixty-three percent of data breaches
    involve weak, default or stolen passwords, according to Verizon’s
    2016 Data Breach Investigation Report
    . It’s critical to develop a
    holistic view of all users and strengthen and enforce password policy,
    or eliminate passwords, where possible.
  • Audit third party risk: Outsourced IT and third party vendors
    are a preferred route for hackers to access corporate networks.
    Conduct audits and assessments to evaluate the security and privacy
    practices of third parties.
  • Implement multi-factor authentication (MFA) everywhere: MFA,
    including third parties and the VPN that adapts to user behavior, is
    widely acknowledged as one of the most effective measures to prevent
    threat actors from gaining access to the network and navigating to
    target systems.
  • Enable single-sign-on (SSO): SSO to enterprise and cloud apps,
    combined with automated cloud application provisioning and
    self-service password resets, cuts helpdesk time and cost, and
    improves user efficiency.
  • Enforce least-privilege access: Role-based-access,
    least-privilege and just-in-time privilege approval approaches protect
    high value accounts, while reducing the likelihood of data loss from
    malicious insiders.
  • Govern privileged sessions: Logging and monitoring of all
    privileged user commands makes compliance reporting a trivial matter
    and enables forensic investigation to conduct root cause analysis.
  • Protect the inside network: Network segmentation, isolation of
    highly sensitive data and encryption of data at rest and in motion
    provide strong protection from malicious insiders and persistent
    hackers once inside the firewall.

“There is no magic answer to defeating cyberthreats, but with the right
strategy, strong security policy and active engagement of all employees,
the risk of a cyberattack can be drastically reduced,” said Bill Mann,
Chief Product Officer at Centrify. “By following the above steps,
organizations can reduce cyber risk, improve corporate compliance and
gain cost efficiencies.”

About Centrify

Centrify is the leader in securing enterprise identities against
cyberthreats that target today’s hybrid IT environment of cloud, mobile
and on-premises. The Centrify Identity Platform protects against the
leading point of attack used in data breaches ― compromised credentials
— by securing an enterprise’s internal and external users as well as its
privileged accounts. Centrify delivers stronger security, continuous
compliance and enhanced user productivity through single sign-on,
multi-factor authentication, mobile and Mac management, privileged
access security and session monitoring. Centrify is trusted by over 5000
customers, including more than half of the Fortune 50.

Centrify is a registered trademark and Centrify Server Suite, Centrify
Privilege Service and Centrify Identity Service are trademarks of
Centrify Corporation in the United States and other countries. All other
trademarks are the property of their respective owners.

Article source: http://www.businesswire.com/news/home/20161031005215/en/Centrify-Reveals-Tips-Reduce-Risks-Data-Breaches

,

No Comments

Anthem subpoenaed over cybersercurity knowledge prior to that massive 2015 data breach

Dive Brief:

  • A class-action lawsuit against Anthem, brought in follow-up to the insurer’s massive 2015 data breach, is asking the federal government to share documents from an audit.
  • The plaintiffs allege the documents prove Anthem was aware that its information technology security was lacking, and did not act on it, before the breach occurred, Modern Healthcare reported.
  • The hack in February 2015 affected an estimated 70 to 80 million customers of Anthem and other Blue Cross and Blue Shield plans.

Dive Insight:

Anthem was criticized following the breach when more than a month and a half later, it still hadn’t notified more than 50 million people–the bulk of those who were affected.

Still, the company only took a minimal hit from the situation due to customers’ perception that Anthem responded to the breach positively–though that doesn’t apply to those now claiming to have had their identities stolen as a result. It remains to be seen whether the lawsuit will do anything to lower that perception of Anthem’s handling by putting it in a negative spotlight. Little has been revealed in the time since the breach about how it happened and what Anthem has actually done in response, as noted by Modern Healthcare

At issue is the existence of a 2013 Anthem IT security audit performed by the U.S. Office of Personnel Management (OPM), because the health insurance giant is an administrator for the Federal Employees Health Benefit Program. The audit reportedly identified shortcomings and noted that Anthem refused to undergo a security test, citing corporate policy. The OPM reportedly performed another audit since the breach, but the federal government has argued they are privileged and will not be disclosed.

Article source: http://www.healthcaredive.com/news/anthem-subpoenaed-over-cybersercurity-knowledge-prior-to-that-massive-2015/429319/

,

No Comments

No time to drop your guard as data breach costs skyrocket …

When BYOD originally took off, security concerns drove companies to take measures to counteract the risks of allowing remote access to company data from employee devices.

Many believed they had shut the door to cybercrime. In reality, data breaches have continued to soar. According to research from PwC, showcased in a recent infographic from Swivel Secure, the number of small firms experiencing a data breach jumped by 14 per cent last year – and although in 2014, the average cost of such a breach was £90k, it rose to £190k in 2015.

The number of large companies suffering a breach rose 9 per cent over the same period, with average costs per breach increasing from £800k in 2014 to a phenomenal £2.3 million last year. In total, a staggering 90 per cent of large businesses admitted to a data breach, with more than two-thirds having been attacked by an unauthorised outsider in the last year.

Scoping the Challenge

The possibility of being fined is another significant concern. The new General Data Protection Regulations (GDPR) puts stringent new data protection requirements in place and will impact any companies holding any data at all about any EU citizen. The most severe penalty available for non-compliance with GDPR is a fine up to €20 million, or in the case of an undertaking, up to 4 per cent of the total worldwide annual turnover of the preceding financial year, whichever is higher.

For businesses that fall victim to these cyber-criminals, the reputational damage suffered can also be severe. Serious fines attract media coverage and may deter prospective customers signing up. The inability of the business to recover what has been lost by the breach can further compromise credibility. After all, while some cyber-criminals steal data, others corrupt it and make it worthless. Ransomware, for example, may simply encrypt all of the business’s data with a key that the organisation cannot access. The business has no recourse to any third party in its bid to retrieve the information, further undermining its credibility with prospects and customers.

So why are we seeing more breaches and what steps can businesses take to protect themselves and bring cybercrime under tighter control?

Part of the reason for the rise is probably down to greater reporting. The pending introduction of GDPR means that if you do suffer a breach, you have to reveal it to the authorities. The regulation was approved by the European Parliament in April 2016 and all organisations that process personally identifiable information (PII) must comply with it by 25 May 2018. So, businesses need to get their reporting mechanisms in place as soon as possible.

This higher level of reporting though should not disguise the fact that the increase in data breaches is real and many factors are fuelling it. Data growth is continuing to rise exponentially – and so too is the volume of data potentially available to hackers online. In line with this, cyber-criminals are becoming increasingly sophisticated. Many have organised into professional groups, with a highly-skilled workforce operating across far-flung networks. Breaches are becoming more targeted also at least in part because it is as cheap and easy to launch targeted attacks today as it is to adopt a blanket bomb approach.

At the same time, many businesses are migrating their data to the cloud for storage (one in three now use cloud data storage, according to the survey), changing the nature of access again and bringing with it a whole raft of new security concerns. Businesses now need to think about more than just their own security and ensure that their level is at least mirrored by that of their cloud service provider. They must be confident, for example, that any data transitioned to the care of that provider is encrypted the moment it lands rather than post-landing. Most companies do not realise that if they are using cloud services, they are themselves still liable for the security/integrity of any data forwarded to those services. With the coming of GDPR and the associated fines, this is hugely important. Simply saying it’s the fault of the service provider for any data loss just won’t pass muster in this context.

At Axial, we advise customers to encrypt data themselves as it leaves their building. This ensures there are two layers of encryption – so that if one is compromised, one remains encrypted, whether the data is in motion between the office location and cloud service or whether it is at rest at each location.

Key Role of Authentication

Whatever the nature of the data it is looking to protect, the business must exercise ‘due diligence’ at all times and that means much more than just taking a cursory glance at the data.

In this context, following due diligence entails the business undertaking a thorough review of its data protection processes and what steps it can take to make them even more secure. The data from the Swivel Secure infographic, which draws on 2015 research from PwC indicates that organisations still have much to do in this respect. 32 per cent of those surveyed had not had any form of security risk assessment. More than a quarter (26 per cent) do not evaluate how effective their security expenditure is, while just 60 per cent said they were confident that they had adequate security skills to manage their risk for next year.

While ease of access is of course important, businesses also have to be focused on ensuring that employees never compromise security in exchange for it. There is a need for education here. Take the manager that needs to deliver a presentation the next day and wants to store it in an accessible place. There is a natural inclination to save the slides in multiple locations – on the company laptop, on a file sharing application and on a memory stick, perhaps, with the rationale that if one location fails, the others can serve as a back-up.

Such an approach creates its own problems, however – and users need to be made aware of the issues and concerns. If the laptop is left on a train, it could be easy prey for anyone with the skill and inclination to break into it. The file sharing application could potentially be compromised also, while USB sticks are frequently lost. Simply by taking the data outside of the corporate infrastructure, you are bypassing all the security infrastructure and potentially putting sensitive information at risk.

It’s a clear demonstration of how so many businesses can make themselves vulnerable by effectively sleepwalking into data breaches. So what’s the solution? Technology should always be part of it. Anti-virus and anti-malware software needs to be implemented and kept up to date. Data leakage protection can also be put in place, providing electronic tracking of files, or putting systems in place that stop users arbitrarily dropping data out to cloud services. Critically though, adaptive authentication, in which risk-based multi-factor authentication is used to ensure the protection of users accessing websites, portals, browsers or applications, also has an increasingly key role to play.

Being able to manage user authentication based on such parameters as who, when, where and what is essential, of course. Adaptive authentication solutions such as Swivel’s AuthControl provide the ability to manage how users authenticate to the network or individual applications based on multiple parameters and a risk score. For example, a business may decide that access to HR/Finance records carries a high risk whereas mail does not. In that case, name/password may be sufficient for mail access but two-factor user authentication and a digital (machine) certificate are required to access the finance application – even for the same user.

Furthermore, adaptive authentication provides a great user experience in hybrid environments where a combination of on-premises, remote access and cloud services are delivered by the business.

So adaptive authentication is key but it has to be delivered as part of an overall strategy. Technology is critically important but ultimately countering data breaches effectively is also about education. Businesses need to hammer home the message that employees need to take a responsible approach to managing and protecting their data. They must be aware of the potential security threats and do all they can to mitigate them – from keeping care of devices they use at work to making sure their passwords are consistently strong.

The battle against the cyber-criminals will continue but if businesses are to fight back and reverse the ongoing trends, they need their employees to be onside and focused on keeping data safe.

Mike Simmonds, Managing Director, Axial Systems

Image Credit: Balefire / Shutterstock

Article source: http://www.itproportal.com/features/no-time-to-drop-your-guard-as-data-breach-costs-skyrocket/

,

No Comments

Attorney General: Data breach affects 500K Washingtonians

Malicious cyber attacks accounted for the largest share of the 500,000 data breaches impacting Washingtonians. (AP)

OLYMPIA — Nearly half a million Washingtonians had their personal information compromised as a result of data breaches between July of 2015 and July of this year, according to a report issued Monday by Attorney General Bob Ferguson.

The AG’s report details the sources and impacts of data breaches reported to the Attorney General’s Office under new, stricter notification and reporting requirements adopted by the Legislature in 2015. During the first year after the law took effect, 39 data breaches met the reporting threshold of 500 affected Washingtonians, according to the AG’s office. Those 39 incidents occurred at companies and organizations ranging from school districts to national retail chains and affected at least 450,000 Washingtonians. The number is undoubtedly higher, since several companies reported that they were unable to determine the number of individuals affected.

Candidates for Lt. governor not inspiring much confidence

While most of the breaches impacted less than 10,000 individuals, one breach in the telecommunications industry affected more Washington residents than the other 38 breaches combined. In that instance, T-Mobile informed the AGO that an intruder obtained the sensitive data of nearly 330,000 Washingtonians.

“Information is power, and this new law gives my office and Washingtonians valuable information about potential risk to their personal information and their businesses,” Ferguson said. “Data breaches are a serious threat to our security, and my office can use this information in our efforts to protect the people of Washington.”

The report also details the causes of the breaches. Malicious cyber attacks accounted for the largest share of the breaches. A significant number also resulted from unauthorized people, such as third-party vendors or employees, gaining access to information. A small number of breaches resulted directly from loss or theft.

The Attorney General’s report includes a look at the potential costs of data breaches to both companies and consumers, as well as a more detailed look at what types of Washington organizations were affected by the breaches and what types of consumer information were exposed. It also provides resources for affected businesses and individuals.

Article source: http://mynorthwest.com/441228/data-breache-affecting-500k-washingtonians/

,

No Comments

US bank authority warns of data breach that took 10000 records

While treated as a “major” event, the practical risk to the government isn’t high. The data was encrypted precisely to prevent damage from a loss like this, and there’s no indication that any controlled or private info has fallen into the wrong hands.

More than anything, the issue is that the OCC let this data leave in the first place. The agency implemented a policy in August 2016 that bars employees from transferring data to removable storage without a supervisor’s approval, but it came too late to catch the thumb drive episode. Also, there’s a chance that this isn’t the only breach. Investigators spotted the data transfer on September 1st, or shortly into a retrospective review of file transfers that remains underway. It’s too soon to know if this was a one-off event or a sign of additional problems. Either way, it’s not good news for a government that’s still trying to mend its security.

Article source: https://www.engadget.com/2016/10/31/us-comptroller-data-breach/

,

No Comments

EU privacy watchdogs question Yahoo on data breach

The EU’s Article 29 group, uniting privacy regulations from the 28 member states, has sent a letter to Yahoo CEO Marissa Mayer asking her to explain the recent data breach at the company and the possible consequences for EU residents using Yahoo services. In particular, the WP29 is interested in the nature and content of the data concerned, the likely consequences of the breach, the number of people affected in each European country, the measures taken to notify the concerned data subjects and to mitigate the risks to the rights and freedoms of data subjects. 

The group noted that Yahoo had already contacted several national data protection regulators in the EU and called on Yahoo to cooperate fully with the regulators. It noted that the data breach at the company would be discussed by the regulator’s enforcement group set up to deal with incidents affecting several states.  

The Article 29 group also noted reports that Yahoo had scanned customer emails at the request of US intelligence services in 2015, in order to search for specific information.  The group said it “will be important to understand the legal
basis and justification for any such surveillance activity, including an explanation of how
this is compatible with EU law and protection for EU citizens”.
The Article 29 group said national regulators investigating the matter have its full backing.

Article source: http://www.telecompaper.com/news/eu-privacy-watchdogs-question-yahoo-on-data-breach--1169427

,

No Comments

EU privacy watchdogs question Yahoo on data breach

The EU’s Article 29 group, uniting privacy regulations from the 28 member states, has sent a letter to Yahoo CEO Marissa Mayer asking her to explain the recent data breach at the company and the possible consequences for EU residents using Yahoo services. In particular, the WP29 is interested in the nature and content of the data concerned, the likely consequences of the breach, the number of people affected in each European country, the measures taken to notify the concerned data subjects and to mitigate the risks to the rights and freedoms of data subjects. 

The group noted that Yahoo had already contacted several national data protection regulators in the EU and called on Yahoo to cooperate fully with the regulators. It noted that the data breach at the company would be discussed by the regulator’s enforcement group set up to deal with incidents affecting several states.  

The Article 29 group also noted reports that Yahoo had scanned customer emails at the request of US intelligence services in 2015, in order to search for specific information.  The group said it “will be important to understand the legal
basis and justification for any such surveillance activity, including an explanation of how
this is compatible with EU law and protection for EU citizens”.
The Article 29 group said national regulators investigating the matter have its full backing.

Article source: http://www.telecompaper.com/news/eu-privacy-watchdogs-question-yahoo-on-data-breach--1169427

,

No Comments

Compulsory data breach notification will also highlight contractual obligations

Privacy legislation requiring notification of data breaches will shortly become federal law.

On 19 October 2016, the Commonwealth Minister for Justice, Michael Keenan outlined to Parliament the rationale for the legislation requiring a compulsory notification scheme: receiving notification of the breach can allow that person to take action to protect themselves for harm.

While the Privacy Amendment (Notifiable Data Breaches) Bill 2016 will only apply to the personal information of individuals, it will have significant practical implications for contractual relationships and corporate data security. Here’s why:

  1. Notified data breaches to become instant public news. Not only will the person affected vent their displeasure on social media and via company and media comments pages, but breaches will be reported in the mass media and recorded for perpetuity online.

  2. Dedicated privacy and consumer rights organisations will keep comprehensive and permanent online records of reported privacy breaches. A good example that will undoubtedly be copied in Australia is the database maintained by the Privacy Rights Clearinghouse: https://www.privacyrights.org/data-breaches

  3. Your contractual counterparties will know about the breach and will be concerned about whether their confidential information has been breached.

The consequences for organisations that are the subject of cyber breaches are potentially very serious. For example, many standard form confidentiality agreements require counterparties to: notify the other party of any possible or actual breach of confidentiality; take all reasonable steps required to prevent or stop the breach at the Recipient’s request; assist the other party in connection with any action or investigation regarding any possible or actual unauthorised disclosure. Some confidentiality or non-disclosure agreements may also require that the breaching party indemnify the loss caused by the unauthorised disclosure.

More sophisticated contracts, particularly in the technology and telecommunications industries now include specific cyber security provisions, requiring immediate notification on becoming aware of any breach or potential breach (which is usually defined to include the detection of any malicious code or disruption to services). This is frequently backed up by requirements for suppliers to provide security reports and allow security audits from time to time.

It’s an understatement that it would be difficult to comply with such obligations in the immediate aftermath of a data breach. Yet, contractual compliance will require notifying contractual counterparties as part of the first response to learning of a data breach.

Most organisations aren’t in a position to handle such an issue in a sophisticated way, and much of the focus has been on responding to privacy obligations and personal information. Data breaches will require a co-ordinated B2C and B2B response. The publicity and brand damage associated with the B2C response is a serious enough matter, but the failure to observe B2B contractual obligations could leave a company facing major litigation (including class actions if enough counterparties are affected), terminated contracts and a lack of commercial confidence that could be ruinous.

Managing the contractual obligations in the public sphere can only be done against the background of an organisation having a corporate road map and executing on a clear plan. Executing successfully on that plan and being able to communicate an appropriate response to a breach is also the only realistic response an organisation can have to an online record tracking each reported breach.

Responding to contractual counterparties on the other hand will require a separate but equally important plan for response. There is clearly the potential for cyber breaches to cause significant contractual liability, and the effects of public disclosures and contractual notification obligations need careful thought, in advance of any breach occurring.

Article source: http://www.lexology.com/library/detail.aspx?g=861b4baf-f3fb-4a02-a139-fe51198997ce

,

No Comments

Compulsory data breach notification will also highlight contractual obligations

Privacy legislation requiring notification of data breaches will shortly become federal law.

On 19 October 2016, the Commonwealth Minister for Justice, Michael Keenan outlined to Parliament the rationale for the legislation requiring a compulsory notification scheme: receiving notification of the breach can allow that person to take action to protect themselves for harm.

While the Privacy Amendment (Notifiable Data Breaches) Bill 2016 will only apply to the personal information of individuals, it will have significant practical implications for contractual relationships and corporate data security. Here’s why:

  1. Notified data breaches to become instant public news. Not only will the person affected vent their displeasure on social media and via company and media comments pages, but breaches will be reported in the mass media and recorded for perpetuity online.

  2. Dedicated privacy and consumer rights organisations will keep comprehensive and permanent online records of reported privacy breaches. A good example that will undoubtedly be copied in Australia is the database maintained by the Privacy Rights Clearinghouse: https://www.privacyrights.org/data-breaches

  3. Your contractual counterparties will know about the breach and will be concerned about whether their confidential information has been breached.

The consequences for organisations that are the subject of cyber breaches are potentially very serious. For example, many standard form confidentiality agreements require counterparties to: notify the other party of any possible or actual breach of confidentiality; take all reasonable steps required to prevent or stop the breach at the Recipient’s request; assist the other party in connection with any action or investigation regarding any possible or actual unauthorised disclosure. Some confidentiality or non-disclosure agreements may also require that the breaching party indemnify the loss caused by the unauthorised disclosure.

More sophisticated contracts, particularly in the technology and telecommunications industries now include specific cyber security provisions, requiring immediate notification on becoming aware of any breach or potential breach (which is usually defined to include the detection of any malicious code or disruption to services). This is frequently backed up by requirements for suppliers to provide security reports and allow security audits from time to time.

It’s an understatement that it would be difficult to comply with such obligations in the immediate aftermath of a data breach. Yet, contractual compliance will require notifying contractual counterparties as part of the first response to learning of a data breach.

Most organisations aren’t in a position to handle such an issue in a sophisticated way, and much of the focus has been on responding to privacy obligations and personal information. Data breaches will require a co-ordinated B2C and B2B response. The publicity and brand damage associated with the B2C response is a serious enough matter, but the failure to observe B2B contractual obligations could leave a company facing major litigation (including class actions if enough counterparties are affected), terminated contracts and a lack of commercial confidence that could be ruinous.

Managing the contractual obligations in the public sphere can only be done against the background of an organisation having a corporate road map and executing on a clear plan. Executing successfully on that plan and being able to communicate an appropriate response to a breach is also the only realistic response an organisation can have to an online record tracking each reported breach.

Responding to contractual counterparties on the other hand will require a separate but equally important plan for response. There is clearly the potential for cyber breaches to cause significant contractual liability, and the effects of public disclosures and contractual notification obligations need careful thought, in advance of any breach occurring.

Article source: http://www.lexology.com/library/detail.aspx?g=861b4baf-f3fb-4a02-a139-fe51198997ce

,

No Comments

Centrify Reveals Seven Tips to Reduce Risks of Data Breaches

SANTA CLARA, Calif.–(BUSINESS WIRE)–Centrify, the leader in securing enterprise identities against
cyberthreats, today shared seven tips for enterprises to effectively
combat cybercrime. Employee training and cyber awareness, combined with
a solid defense strategy and best-in-class cybersecurity tools and
software, are essential to reducing the risks of data breaches.

In the modern age, cyber safety is just as important as physical safety.
It’s time for every organization to get proactive with cybersecurity,
because every organization is vulnerable to attack. Cyber risk is
present at every level in every company from the break room to the board
room. And according to Ponemon’s
2016 Cost of Data Breach Study
, the average cost of a data breach is
$4 million.

Below are a few best practices for enterprises to effectively combat
cybercrime, while reducing IT security budgets:

  • Consolidate identities: Sixty-three percent of data breaches
    involve weak, default or stolen passwords, according to Verizon’s
    2016 Data Breach Investigation Report
    . It’s critical to develop a
    holistic view of all users and strengthen and enforce password policy,
    or eliminate passwords, where possible.
  • Audit third party risk: Outsourced IT and third party vendors
    are a preferred route for hackers to access corporate networks.
    Conduct audits and assessments to evaluate the security and privacy
    practices of third parties.
  • Implement multi-factor authentication (MFA) everywhere: MFA,
    including third parties and the VPN that adapts to user behavior, is
    widely acknowledged as one of the most effective measures to prevent
    threat actors from gaining access to the network and navigating to
    target systems.
  • Enable single-sign-on (SSO): SSO to enterprise and cloud apps,
    combined with automated cloud application provisioning and
    self-service password resets, cuts helpdesk time and cost, and
    improves user efficiency.
  • Enforce least-privilege access: Role-based-access,
    least-privilege and just-in-time privilege approval approaches protect
    high value accounts, while reducing the likelihood of data loss from
    malicious insiders.
  • Govern privileged sessions: Logging and monitoring of all
    privileged user commands makes compliance reporting a trivial matter
    and enables forensic investigation to conduct root cause analysis.
  • Protect the inside network: Network segmentation, isolation of
    highly sensitive data and encryption of data at rest and in motion
    provide strong protection from malicious insiders and persistent
    hackers once inside the firewall.

“There is no magic answer to defeating cyberthreats, but with the right
strategy, strong security policy and active engagement of all employees,
the risk of a cyberattack can be drastically reduced,” said Bill Mann,
Chief Product Officer at Centrify. “By following the above steps,
organizations can reduce cyber risk, improve corporate compliance and
gain cost efficiencies.”

About Centrify

Centrify is the leader in securing enterprise identities against
cyberthreats that target today’s hybrid IT environment of cloud, mobile
and on-premises. The Centrify Identity Platform protects against the
leading point of attack used in data breaches ― compromised credentials
— by securing an enterprise’s internal and external users as well as its
privileged accounts. Centrify delivers stronger security, continuous
compliance and enhanced user productivity through single sign-on,
multi-factor authentication, mobile and Mac management, privileged
access security and session monitoring. Centrify is trusted by over 5000
customers, including more than half of the Fortune 50.

Centrify is a registered trademark and Centrify Server Suite, Centrify
Privilege Service and Centrify Identity Service are trademarks of
Centrify Corporation in the United States and other countries. All other
trademarks are the property of their respective owners.

Article source: http://www.businesswire.com/news/home/20161031005215/en/Centrify-Reveals-Tips-Reduce-Risks-Data-Breaches

,

No Comments