shrink the attack surface - pci compliance


Upload: centrify-corporation

Post on 12-Apr-2017


TRANSCRIPT

Page 1: Shrink the Attack Surface - PCI Compliance

SHRINK THE ATTACK SURFACE

Page 2: Shrink the Attack Surface - PCI Compliance

INTRODUCTION

As more enterprises evolve and employ greater numbers of remote professionals, the traditional ways of accessing and managing customer data are fundamentally changing. When enterprise networks expand to accommodate more individuals, applications, and devices, the risk of human error increases: mistakes can leave organizations and their data vulnerable to cyber attacks.

Individuals can inadvertently expose payment card data in this expanded network environment, creating major security risks.

Let’s take a closer look at the potential ways individual employees can contribute to compromising a business’s customer data, and discover how the right identity and access controls can help these organizations minimize their attack surfaces and ensure PCI-DSS compliance.


Page 3: Shrink the Attack Surface - PCI Compliance


Scenario 01

THE WRONG HANDS

Page 4: Shrink the Attack Surface - PCI Compliance

SHRINK THE SURFACE: THE WRONG HANDS

A national financial institution employs hundreds of remote workers. One of these remote employees misplaces a mobile device, which allows access to valuable payment card information stored in the institution’s network. The device falls into the hands of a cyber criminal.

With multi-factor authentication (MFA) for servers, Centrify Server Suite enables administrators to stop would-be attackers from using stolen credentials to access sensitive information. When security policies require multiple levels of authentication, attackers are unable to misuse privileged accounts and access critical resources without possessing the email address and additional authentication factors needed to complete the login process.

73% of stolen devices are either taken from the victim’s workspace or vehicle.¹

¹ 2016 Verizon Data Breach Investigations Report (DBIR)

Page 5: Shrink the Attack Surface - PCI Compliance

Scenario 02

VULNERABLE VENDORS

Page 6: Shrink the Attack Surface - PCI Compliance

SHRINK THE SURFACE: VULNERABLE VENDORS

This same financial institution has hired a third-party vendor to assess the value in a potential acquisition opportunity. The vendor needs access to the enterprise network in order to complete the assessment.

Centrify Privilege Service includes secure remote access, which gives remote administrators, outsourced IT, and third-party vendors secure access to only the relevant information they need on specific servers and network equipment. They do not have to use a VPN, which would grant these users full access to the entire network.

97% of breaches featuring stolen credentials leveraged legitimate partner access.²

² 2016 Verizon Data Breach Investigations Report (DBIR)

Page 7: Shrink the Attack Surface - PCI Compliance

Scenario 03

THE COMPLIANCE CONUNDRUM

Page 8: Shrink the Attack Surface - PCI Compliance

SHRINK THE SURFACE: THE COMPLIANCE CONUNDRUM

A large retailer wants to minimize its attack surface while it continues to expand its footprint, but intentional and unintentional threats, plus thousands of credit card transactions per day, equal more opportunities for data breaches.

Centrify Server Suite helps organizations minimize risk and simplify their compliance by leveraging their Active Directory investment to provide centralized identity management and monitoring.

90% of cyber espionage breaches capture trade secrets or proprietary information.³

³ 2016 Verizon Data Breach Investigations Report (DBIR)

Page 9: Shrink the Attack Surface - PCI Compliance

CONCLUSION

Proactively identifying and mitigating human error through privileged identity management can help all PCI organizations minimize their attack surfaces and maintain compliance with the latest DSS requirements. Centrify’s suite of PCI solutions can help your organization address ongoing internal and external security threats.

Our offerings include:

Centrify Server Suite: Combines comprehensive bridging of Linux and UNIX systems to Active Directory with powerful privilege management, MFA, and session monitoring across Windows, Linux, and UNIX systems.

Centrify Privilege Service: Helps enterprises meet many of the DSS requirements by combining the ability to securely manage and audit access to infrastructure with shared account password management for internal users, outsourced IT, and third-party vendors.

Page 11: Shrink the Attack Surface - PCI Compliance

Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches (compromised credentials) by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring. Centrify is trusted by over 5000 customers, including more than half of the Fortune 500.

Visit us at Centrify.com.