Centrify, the leader in securing hybrid enterprises through the power of identity services, announced its Zero Trust approach to security.
Zero Trust assumes that everything—users, endpoints, resources—is untrusted and must always be verified to decrease the chance of a major breach.
Customers are adapting to the reality that older, network centric approaches to security no longer apply and more application centric models, with access grounded in identity, are necessary for today’s hybrid enterprise. Google’s BeyondCorp implementation is an excellent example of this new approach. BeyondCorp is a Zero Trust security framework that shifts access controls from the perimeter to individual devices and users. The end result allows employees to work securely from any location without the need for a traditional VPN.
“The modern hybrid enterprise must adopt a Zero Trust security model,” said Mann. “The old days of the guarded castle with a moat, where all interactions inside the castle were trusted and all interactions outside the castle were suspect, no longer applies. Remote employees on BYOD devices accessing SaaS applications are as much a reality today as someone sitting at their workstation inside the office. At Centrify, we are committed to helping our customers embrace this new reality and move towards a Zero Trust security model where all access must be authenticated, authorized and encrypted.”
To further its move towards a Zero Trust security model, Centrify has joined the FIDO (Fast IDentity Online) Alliance and strengthening its integration with Yubico. Centrify Identity Services provides support for the FIDO Alliance’s Universal 2nd Factor (U2F) specification, an authentication standard designed to be open, secure, private and easy to use. Centrify already leverages Yubico’s YubiKeys for PIV Compliant and OATH-based authentication, and is further strengthening the partnership with this new support for FIDO U2F authentication.
FIDO U2F certified authentication is recognized by the National Institute of Standards and Technology (NIST) as the highest Authenticator Assurance Level (AAL3) in the NIST Special Publication 800-63 Revision3. “As co-creator of the FIDO U2F standard, Yubico believes that secure, easy-to-use and scalable authentication should be available to everyone,” said Jerrod Chong, VP of Product at Yubico. “Centrify shares our mission to bring greater security and convenience to the enterprise. By adding FIDO U2F support, Centrify has the most complete set of YubiKey integrations available from a technology partner.”
As enterprises move towards modern ephemeral architectures, Centrify is extending the reach of Zero Trust by continuing to build on its support for container-based ephemeral architectures. Centrify Infrastructure Services is now the only privileged identity management vendor to offer host-based privilege controls for CoreOS Container Linux, the leading container operating system. Centrify Infrastructure Services provides conditional access and least privilege control to CoreOS deployments.