Centrify, the leader in securing hybrid enterprises through the power of identity services, announced the release of its new Analytics Service. This new service uses machine learning to assess risk based on constantly-evolving user behavior patterns. It then assigns a risk score, and enforces an appropriate decision determining whether the user’s access is granted, requires step-up authentication, or is blocked entirely.
According to a new Forrester study, commissioned by Centrify, an astonishing two-thirds of organizations experienced an average of five security breaches in the past two years. And billions of usernames and passwords have been stolen and made available for these types of attacks, increasing risk of further breaches. The power of these attacks is in their perfect camouflage. Attackers “look” just like legitimate users, raising no suspicion, since all IT sees is regular user activity.
Breaking the cycle of breach
Centrify gives IT the power to break the cycle of account exploitation and impersonation, to stop attacks that lead to data breaches. Not only are anomalous access requests stopped in real time, but potentially compromised accounts are flagged and elevated to IT’s attention speeding analysis and greatly minimizing the effort required to assess risk across today’s hybrid IT environment. And, arming IT with machine learning frees them from manually creating policy across all their endpoints, apps, sites, services and resources.
Balancing security and optimal end-user experience
Building security policy for employees, contractors, partners and privileged IT users has typically favored security over user experience. Behavior-based scoring means users get a frictionless experience when they present low risk, easing access and improving productivity while maintaining high security.
“By tailoring security policy to each individual’s behavior and automatically flagging risky behavior, we’re helping IT professionals minimize the risk of being breached with immediate visibility into account risk, without poring over millions of log files and massive amounts of historical data,” said Bill Mann, chief product officer at Centrify. “And thanks to our broad set of enforcement points that include endpoints, applications and IT infrastructure, we can enforce risk-based policy in real time, at the point of access. This means high-risk threats can be blocked, while low-risk users get authorized access to apps, privileged credentials, or privileged sessions.”
Risk-based access gives IT new insights through risk scoring for end and privileged users to control policy and what action should be taken for a given risk level. Examples of risk-based access include:
• Single sign-on (SSO) to applications: As long as end-user’s behavior is in keeping with typical access, it presents low risk, and IT can provide easy one-click access to their apps.
• Multi-factor Authentication (MFA) for password checkout: When an IT admin checks out a privileged credential or initiates a privileged session to a server or other resource from a location that’s not typical, the risk level is elevated, and the admin is prompted for further authentication.
• MFA for outsourced IT: If an attacker attempts to leverage an outsourced IT credential from an unknown or previously unseen device, access can be blocked entirely, stopping the attack before it can gain traction.
Since this new service is part of the Centrify Identity Services Platform (centrify.com), customers can implement risk-based policy across their boundaryless hybrid enterprise of endpoints, cloud applications, IaaS, and IT servers and resources for more detailed heuristics and more effective policy. Available as an add-on to Centrify Identity Service and Centrify Privilege Service, the service is a natural extension of Centrify’s adaptive Multi-Factor Authentication, adding machine learning that both eases configuration for IT and eliminates constant MFA challenges to simplify end user access.