INFRA
INFRA
INFRA
‘Identity sprawl’ and the root of 80 percent of security breaches
What’s more annoying than forgetting the password to an email account? How about when an employee shares a password, which is then stolen by a hacker who uses it to breach sensitive data and bring down an enterprise.
“Identity sprawl” contributes to today’s biggest cybersecurity vulnerability, according to Tom Kemp (pictured), chief executive officer of Centrify Corp. “The problem that we face as consumers in terms of having too many usernames and passwords has now entered into the enterprise.”
Kemp spoke with John Furrier (@furrier), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS re:Invent conference in Las Vegas, Nevada.
The ID answer to hybrid IT
With great power comes great responsibility; the ability to easily spin up applications in the cloud means more users with passwords that could be entry-points for attackers. “We’re now in a situation that … yeah, there’s an app for that, but that means there’s a password for that. So IT is having a hard time controlling who can access what,” Kemp said. “So you have identity sprawl.”
Eight percent of today’s breaches involve compromised credentials, according to Kemp. The more identities there are tapping into an information technology environment — like a server or a particular application — the more potential attack surface available to hackers. “Now you have [the “internet of things”] coming on board, and those devices need an identity unto themselves,” he said.
Connected internet of things devices, clouds, on-premises data centers, software as a service and custom applications all add up to a huge hybridized buffet for cybercriminals. A security solution that merely locks down servers solves only a portion of the problem, Kemp pointed out.
Centrify offers identity-based security with multi-factor authentication for both end users and privileged accounts across all different clouds, apps, etc. “We can, through the power of identity, provide a control plane to give people identity-driven security,” Kemp said.
Centrify just announced that it has moved production to the Amazon Web Services Inc. Cloud. It previously ran on Microsoft Corp.’s Azure. Additionally, it has integrated into the AWS Marketplace and offers SaaS billing to customers.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent.
Photo: SiliconANGLE
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
