Tuesday, June 16, 2015

Centrify Identity Platform - Making Strides and Taking Names

Centrify Identity Platform consists of two products:  Identity Service and Privileged Service

Centrify Identity Service (formerly User Suite) has continued its meteoric rise and I want to congratulate many of my coworkers on their hard work and dedication.

In the past two weeks, to major publications have continued to highlight its critical acclaim:
  • 2015 Gartner Magic Quadrant for Identity and Access Management as a Service
    • Positions Centrify as a visionary, proving and validating the completeness of the vision that combines On-Prem/SaaS SSO with Enterprise Mobility Management plus robust policy, Multi-factor Authentication and VPN-less Access.
    • Ranks #3 among the solutions in a year that saw Salesforce, IBM and Microsoft enter the market and continues to beat the leader in execution and completeness of vision (#2 in pure play).  It's only a matter of time given Centrify's leadership.
    • This is all looking at data from last year!!!!  This is before App Gateway, Privileged Service, ServiceNOW integration and others were ready to go.
      Get the report here.
  • Network World Names Centrify Identity Service the best SSO tool for 2015
    • Calls out the integration of SSO+EMM+MFA+Management interface.  Everyone else left to eat the dust.
Centrify Privileged Service (CPS) is a new entry (announcement) to the hybrid family of products that has a pure play in two areas (and growing):  Shared Account Password Management (SAPM) and Secure Remote Access, but it builds on the existing capabilities of the Identity Service to deliver complementary capabilities to Server Suite.

RBAC continues to be the preferred method for Privileged Account Management (PAM), however, for emergency, one offs and change control, using a shared privileged account can be useful.  Here's a video that illustrates the differences between the approaches:



Capabilities of CPS

Shared Account Password Management
Use your AD account and Multi-factor authentication to check out UNIX, Linux or Windows accounts, enforce policy, access anywhere (centrally or via mobile app).  Upon check-out, the password is rotated for you.

Mobile - Password Checkout.jpgCPS - Password Checkout.jpg

Secure Remote Access
Leverage the existing cloud connector infrastructure to deliver secure remote access to resources regardless of their location (on premises or in the cloud IaaS).  
Apps, UNIX, Linux and Windows sessions can be presented to users in a cohesive way

Much more to come, and many synergies with Server Suite


Very exciting time to be at Centrify and especially to help out prospects and existing customers.