Centrify Extends IAM Mobile Capabilities

centrifylogo-300x150 (1)

Centrify has made two announcements over the past two weeks that will propel them forward in both the identity and access management, and mobile device management spaces. Centrify is huge in the IAM space and are one of the leaders pushing for better inclusion of IAM in enterprise mobile solutions.

On February 23, Centrify announced at Mobile World Congress that they would be be implementing derived credentials for secure mobile access to apps, websites and services that require smart card authentication. Derived credentials allow common access card (CAC) and personal identity verification (PIV) based authentication via mobile devices, without requiring cumbersome, dedicated smart card readers. This new capability extends Centrify’s integration of identity-based security to mobility, offering secure single sign-on (SSO) in even the most highly regulated environments.

“We are very excited that Centrify now offers derived credential authentication from mobile devices, which historically has failed to move beyond the proof of concept stage,” said Bill Mann, chief product officer of Centrify. “Until now, users could only access highly secured apps and content via laptops and desktops, due to regulations mandating smart card-based two-factor authentication. Attempting to use mobile devices with smart card readers for the same access was cumbersome at best. This announcement opens the door to full mobility for state and federal government as well as security-conscious companies that rely on smart cards for authentication.”

Today, Centrify announced MFA Everywhere, a new initiative aimed at securing enterprise identities against today’s most prevalent source of cyber attacks — compromised credentials — without slowing down users.

In the wake of so many high-profile breaches based on stolen or brute-forced password attacks, many businesses have rushed to implement MFA to provide an extra layer of security and mitigate the risk of data breaches. Yet most companies have seen mixed results at best. MFA was either reserved for only the most sensitive or vulnerable accounts, or implemented in standalone silos for specific apps or services due to lack of platform coverage. What’s more, MFA was either “on” or “off,” which resulted in the constant prompting for MFA, and the cumbersome nature of physical tokens annoyed users who were simply trying to get work done.

“Not only do organizations need to implement MFA across all users and resources, they need to do it in a way that doesn’t hinder their users’ ability to work seamlessly and effectively,” said Bill Mann, chief product officer for Centrify. “As attackers get more aggressive and sophisticated, organizations need to get serious about layering on additional factors of authentication for all their enterprise assets. Unlike other vendors that deliver islands of MFA for a subset of users and resources, we are proud to embark and deliver on an expansive MFA Everywhere vision.”

According to Jack Madden, “All of these improvements are in the context of the increasing importance of ID management: It’s important for security, since so many large breaches can be traced to poor ID management practices. It’s important for end user computing, since companies are adopting more cloud apps, and mobile devices simultaneously need new ID tools to make them effective and can also provide value by acting as other types of new tools.”