RETHINK SECURITY

WITH ZERO TRUST

© 2018 Centrify Corporations. All Rights Reserved. 1

 RECENT SECURITY UPDATES
Consumers Are Not Safe Shareholders Are Not Safe

145M+ User accounts

compromised 5%+ Average stock price drop after breach

75M+ User accounts

compromised
Equifax Stock Drop 35% (Market cap declines $4.3B)

Governments Are Not Safe Companies Are Not Safe

Senate phished by Fancy Bear through DNS Provider knocked offline by botnet of
fake ADFS login sites millions of IoT devices with same default password

© 2018 Centrify Corporations. All Rights Reserved. 2

The Impact of Data Breaches on Reputation & Share Value, Ponemon Institute, May 2017
The Breacher Report, Piper Jaffrey, Jan 2018
 TODAY’S SECURITY IS NOT SECURE

$86B
SPENT ON SECURITY
66%
YET 66% OF COMPANIES
IN 2017 ARE STILL BREACHED

And worse, they’re breached

on average five or more times

© 2018 Centrify Corporations. All Rights Reserved. 3

Gartner press release, Aug 2017; Stop the Breach, Forrester, January 2017
THE ENTERPRISE PERIMETER NO LONGER EXISTS

90% 150,000 8B 50B

enterprises using cloud enterprises cloud apps mobile devices IoT devices

AND IDENTITY IS THE TOP ATTACK VECTOR

81% 80%
breaches involve weak, breaches involve
default or stolen passwords privileged
Private vs. Public vs. Hybrid Cloud, Logicworks, March credential
2015; The Explosion ofmisuse
Apps: 27% are Risky, CloudLock, December 2016
Mobile Visual Networking Index (VNI) Forecast, Cisco, February 2017; 50 Billion Things Will Be Connected to the Internet by 2020, Cisco, 2013
© 2018 Centrify Corporations. All Rights Reserved. 4
Verizon 2017 Data Breach Investigations Report, Forrester Wave™: Privileged Identity Management, Q3 2016
 THIS NEW THREATSCAPE REQUIRES
ZERO TRUST SECURITY

© 2018 Centrify Corporations. All Rights Reserved. 5

BEYONDCORP
CORE PRINCIPLES OF ZERO TRUST

Connecting from a particular network must not determine which

services you can access. Access to services is granted based on:

what we know what we know All access to services

1 about you
2 about your device
3
must be authorized

NEVER TRUST, ALWAYS VERIFY

© 2018 Centrify Corporations. All Rights Reserved. 6
 CENTRIFY ZERO TRUST SECURITY

LEARN & ADAPT

VERIFY VALIDATE LIMIT ACCESS

THE USER THEIR DEVICE & PRIVILEGE

© 2018 Centrify Corporations. All Rights Reserved. 7

 HOW CENTRIFY DELIVERS
ZERO TRUST SECURITY

© 2018 Centrify Corporations. All Rights Reserved. 8

 CENTRIFY ZERO TRUST SECURITY:

POWERED BY NEXT-GEN ACCESS

FOR ALL VERIFIED USERS
End User

Privileged User

Outsourced IT

Customer or Partner
Applications Cloud
(IAAS & PAAS)

SECURES ACCESS
SECURES ACCESS TO APPS TO INFRASTRUCTURE
Data Center Servers Big Data

Network Devices

FROM TRUSTED ENDPOINTS

© 2018 Centrify Corporations. All Rights Reserved. 9

 CENTRIFY ZERO TRUST SECURITY:

VERIFY THE USER

IDENTITY CONSOLIDATION / MFA EVERYWHERE BEHAVIOR-BASED ACCESS

SINGLE SIGN-ON
Location

Geo-velocity Time of
RISK SCORE Day
59

Day of
Device
Week

© 2018 Centrify Corporations. All Rights Reserved. 10

 CENTRIFY ZERO TRUST SECURITY:

VALIDATE THE DEVICE

DEVICE & DEVICE CONTEXT & ENDPOINT PRIVILEGE

APP MANAGEMENT SECURITY POSTURE MANAGEMENT

© 2018 Centrify Corporations. All Rights Reserved. 11

 CENTRIFY ZERO TRUST SECURITY:

LIMIT ACCESS & PRIVILEGE

GRANULAR ROLE-BASED ACCESS ACCESS REQUEST FOR APP, AUDIT EVERYTHING

& LIMIT LATERAL MOVEMENT ENDPOINT & INFRASTRUCTURE

© 2018 Centrify Corporations. All Rights Reserved. 12

 CENTRIFY ZERO TRUST SECURITY:

LEARN & ADAPT

Location

Geo-velocity Time of
RISK SCORE Day
59

Day of
Device
Week

Block Access Adaptive Multi-Factor Conditional Access Insight and Forensics

Authentication

MACHINE LEARNING

VERIFY THE USER VALIDATE THEIR DEVICE LIMIT ACCESS & PRIVILEGE
© 2018 Centrify Corporations. All Rights Reserved. 13
 OUR UNIFIED PLATFORM FOR ZERO TRUST

ANALYTICS
Risk-based User Scoring › Behavior Analysis and Reporting

APPLICATIONS ENDPOINTS INFRASTRUCTURE

Single Sign-on Device Management Authentication Services
Adaptive MFA for App Access Adaptive MFA for Endpoints Adaptive MFA for Privileged Access
Workflow & Lifecycle Management App Management Privilege Elevation
Mobility Management Endpoint Privilege Management Shared Password Management
App Gateway Smartcard & Derived Credentials Privilege Access Request
Secure Remote Access
Auditing & Monitoring

CORE SERVICES
Directory + Policy + Federation + Workflow + Reporting

© 2018 Centrify Corporations. All Rights Reserved. 14

 BEST PRACTICES FOR ZERO TRUST
MORE
SECURE

AUDIT
EVERYTHING
ENFORCE
LEAST PRIVILEGE
LIMIT
LATERAL MOVEMENT

ESTABLISH
IDENTITY ASSURANCE

DANGER
Too Many Passwords
Too Much Privilege
MATURIT
Consolidate Identities Establish Access Zones Just-in-Time Privilege Analyze Risk Y
MFA Everywhere Trusted Endpoints Just Enough Privilege Monitor Sessions
Risk-based Access Conditional Access Don’t Break Glass Integrate with SIEM
SSO Everywhere Minimize VPN Access Lifecycle Management
No DevOps Passwords
© 2018 Centrify Corporations. All Rights Reserved. 15
 FORRESTER FINDS IMPLEMENTING
BEST PRACTICES RESULTS IN

50% fewer breaches

$5 MIL in cost savings

40% less on technology costs

© 2018 Centrify Corporations. All Rights Reserved. 16

Stop the Breach, Forrester, January 2017
 WHY CENTRIFY

© 2018 Centrify Corporations. All Rights Reserved. 17

 CENTRIFY ZERO TRUST SECURITY:

UNIFIED NEXT-GEN ACCESS

SECURES ACCESS FROM SECURES ACCESS

TO APPS TRUSTED ENDPOINTS TO INFRASTRUCTURE
Cloud (IAAS & PAAS) Data Center Servers

Big Data

Network Devices

APPLICATION SERVICES ENDPOINT SERVICES INFRASTRUCTURE SERVICES

© 2018 Centrify Corporations. All Rights Reserved. 18

 ONLY VENDOR IN PIM, IDaaS AND EMM

CLEAR MARKET LEADERSHIP

LEADER FORRESTER PIM WAVE LEADER FORRESTER IDAAS WAVE STRONG PERFORMER FORRESTER EMM WAVE

LEADER GARTNER IDAAS MQ PC MAGAZINE EDITOR’S CHOICE NETWORK WORLD CLEAR CHOICE WINNER

Best Identity Management

Solution of 2017

© 2018 Centrify Corporations. All Rights Reserved.
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester’s call on a
market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any
vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect the
judgement at the time and are subject to change.
19
Gartner “Magic Quadrant for Identity and Access Management as a Service” by Gregg Kreizman, June 2016. Gartner does not endorse
any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors
with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization
and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research,
including any warranties of merchantability or fitness for a particular purpose.
 5,000+
Trusted by over 5,000 customers

95%
Retention
© 2018 Centrify Corporations. All Rights Reserved. 20
6 of top10 7 of top10 100+
U.S. Financial Services Pharma Companies Federal Agencies
Companies

6 of top10 5 of top10 6 of top10

Worldwide Telcos Energy & Transportation U.S. Retailers

© 2018 Centrify Corporations. All Rights Reserved. 21

 THANK YOU

© 2018 Centrify Corporations. All Rights Reserved. 22