Copyright © 2015 Centrify Corporation. All Rights Reserved. 1

Identity is the new Perimeter of Security

Wade Tongen

NA Enterprise SE Manager

wade.tongen@Centrify.com

817-514-0090 (W)

Copyright © 2015 Centrify Corporation. All Rights Reserved. 2

For the End User

Copyright © 2015 Centrify Corporation. All Rights Reserved. 3

For the Privileged User

Copyright © 2015 Centrify Corporation. All Rights Reserved. 4

Identity is at the center of cyber attacks…

End UsersPrivileged Users

Copyright © 2015 Centrify Corporation. All Rights Reserved. 5

2015 Verizon Data Breach Investigations Report

“As always, compromised credentials, whether they were obtained through phishing, spyware or brute-force methods, played a major role in many data breaches.”

“Pulling back from a single industry view, we find that most of the attacks make use of stolen credentials.”

“While we have tried to refrain from best practices advice this year, there’s no getting around the fact that credentials are literally the keys to the digital kingdom.”

Copyright © 2015 Centrify Corporation. All Rights Reserved. 6

Mandiant-Fireeye Security Report

Source: Mandiant

Copyright © 2015 Centrify Corporation. All Rights Reserved. 7

Flow of ATP Attacks:

• Attacks target the end user with malware or spoofing attacks

• Programs like Mimikatz look for accounts used on systems

• Pass-The-Hash permits lateral movement from system to system

• Attacks export data

Attack Lifecycle (Mandiant Trends 2015)

Initial Compromise

Establish Foothold

Escalate Privileges

Internal Recon

Complete Mission

Lateral MovementMaintain Presence

Identity is at the center of cyber attacks…

Copyright © 2015 Centrify Corporation. All Rights Reserved. 8

OPM Breach

OPM suffered 3 breaches starting Oct 2013

The breaches were detected 6 months later

Copyright © 2015 Centrify Corporation. All Rights Reserved. 9

Director Katherine Archuleta Resigns

Our jobs are on the line…

After 21 million SSN numbers were lost – Director Archuleta lost her job.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 10

The Current Future

Mac/Windows Mobile SaaSAccess from

anywhereIaaS

No physical boundaries

Copyright © 2015 Centrify Corporation. All Rights Reserved. 11

How is identity managed in this new world?

De-perimeterization – Data is everywhere

Users are accessing data from everywhere

Copyright © 2015 Centrify Corporation. All Rights Reserved. 12

Apache +

+

+

Enterprise Class Environments today

by Red Hat

ID

IDID

IDID

ID

IDID

ID

ID

ID

ID

ID

ID

ID

ID

ID

IDID

ID ID

ID

ID

ID

ID

ID

ID

ID

ID

ID

The Modern Enterprise Needs a New Identity Platform

Copyright © 2015 Centrify Corporation. All Rights Reserved. 14

Apache

Centrify’s Value Proposition – Simplify

by Red Hat

ID

Plataformade identidad

ID

IDID

ID

ID

IDID

IDID

IDID

ID

ID

IDID ID

IDID

ID ID

ID

ID

ID ID

IDID

ID

IDID

ID

ID

ID

Active Directory

Copyright © 2015 Centrify Corporation. All Rights Reserved. 15

For End Users, Privileged Accounts and Privileged Users

Centrify Identity Platform

Identity Service

Server Suite

SS

O

MFA

Pro

visi

on

ing

Mo

bile

De

vice

M

an

ag

em

en

t (M

DM

)

Ma

c A

dm

inis

tra

tion

Rem

ote

Acc

ess

Re

al T

ime

M

on

itori

ng

of

sess

ion

s

Pa

ssw

ord

M

an

ag

em

en

t

Act

ive

Dir

ect

ory

In

teg

ratio

n

Pri

vile

ge

d A

cce

ss

Au

diti

ng

Se

rve

r Is

ola

tion

Privilege Service

Copyright © 2015 Centrify Corporation. All Rights Reserved. 16

Apache

Centrify’s Value proposition – Simplify

by Red Hat

ID

Plataformade identidad

ID

IDID

ID

ID

IDID

IDID

IDID

ID

ID

IDID ID

IDID

ID ID

ID

ID

ID ID

IDID

ID

IDID

ID

ID

ID

Active Directory

We will be focusing on this environment today

Copyright © 2015 Centrify Corporation. All Rights Reserved. 17

1. Minimize the amounts of credentials used (consolidate)

2. Enforce least access privileges (minimize access)

3. Audit user activity, specially on critical resources (record activity)

Best Practices for Privilege Identity Management (PIM)

Copyright © 2015 Centrify Corporation. All Rights Reserved. 18

1. Centrify natively integrates your zLinux (or any other UNIX/Linux systems to Active Directory

2. Roles Based Access Control to enforce least access privileges

3. Centralized Group Policy enforcement assures consistent configuration

4. Central Reporting of which users can access which systems

5. Detailed Auditing of user activity for critical systems

Without additional infrastructure, schema extensions or intrusive changes

How can Centrify Help?

DEMO

Copyright © 2015 Centrify Corporation. All Rights Reserved. 20

Based in Santa Clara, CA with offices in Seattle, London, Munich, Hong Kong, Brisbane and Sao Paulo• Founded in 2004 with over 500 personnel (2/3rds in engineering)

• Named Deloitte Technology Fast 500 Winner as one of North America’s Fastest Growing Companies

Delivers software and cloud services that lets you securely leverage your existing identity infrastructure — Active Directory — across data center, cloud and mobile• Support for 450+ operating systems and 1000+ Apps

• Proven technology deployed by 5500+ customers including 50% of Fortune 50

• Award-winning solutions and numerous industry certifications

About Centrify

Industry Awards Industry Certifications

Copyright © 2015 Centrify Corporation. All Rights Reserved. 21

Some of our 5500+ CustomersB A N K I N G & F I N A N C E P H A R M A & H E A LT H D E F E N S E & G O V E R N M E N T

R E TA I L & I N T E R N E T T E C H N O L O G Y & T E L E C O M A U T O M O T I V E & E N E R G Y

Thank you

Wade Tongen

wade.tongen@Centrify.com

817-514-0090 (W)