Centrify Stops Breaches in Real-time Based on User Behavior (Video)

Centrify has released a new Analytics Service using machine learning to assess risk based on constantly-evolving user behavior patterns.

It then assigns a risk score, and enforces an appropriate decision — determining whether the user’s access is granted, requires step-up authentication, or is blocked entirely.

According to a new Forrester study, commissioned by Centrify, an astonishing two-thirds of organizations experienced an average of five security breaches in the past two years.

And billions of usernames and passwords have been stolen and made available for these types of attacks, increasing risk of further breaches.

The power of these attacks is in their perfect camouflage. Attackers “look” just like legitimate users, raising no suspicion, since all IT sees is regular user activity.

(Learn More about Centrify, courtesy of Centrify and YouTube)

Breaking the cycle of breach

Centrify gives IT the power to break the cycle of account exploitation and impersonation, to stop attacks that lead to data breaches.

Not only are anomalous access requests stopped in real time, but potentially compromised accounts are flagged and elevated to IT’s attention — speeding analysis and greatly minimizing the effort required to assess risk across today’s hybrid IT environment.

And, arming IT with machine learning frees them from manually creating policy across all their endpoints, apps, sites, services and resources.

(The leading cause of breaches is compromised credentials. And data breaches are on the rise. One of the best ways to address these this problems is to deploy multi-factor authentication also known as MFA. Courtesy of Certify and YouTube)

Balancing security and optimal end-user experience

Building security policy for employees, contractors, partners and privileged IT users has typically favored security over user experience.

Behavior-based scoring means users get a frictionless experience when they present low risk, easing access and improving productivity — while maintaining high security.

Bill Mann, chief product officer at Centrify
Bill Mann, chief product officer at Centrify

“By tailoring security policy to each individual’s behavior and automatically flagging risky behavior, we’re helping IT professionals minimize the risk of being breached — with immediate visibility into account risk, without poring over millions of log files and massive amounts of historical data,” said Bill Mann, chief product officer at Centrify.

“And thanks to our broad set of enforcement points that include endpoints, applications and IT infrastructure, we can enforce risk-based policy in real time, at the point of access.”

“This means high-risk threats can be blocked, while low-risk users get authorized access to apps, privileged credentials, or privileged sessions.”

Risk-based access gives IT new insights through risk scoring for end and privileged users to control policy and what action should be taken for a given risk level.

Examples of risk-based access include:

  • Single sign-on (SSO) to applications: As long as end-user’s behavior is in keeping with typical access, it presents low risk, and IT can provide easy one-click access to their apps.
  • Multi-factor Authentication (MFA) for password checkout: When an IT admin checks out a privileged credential or initiates a privileged session to a server or other resource from a location that’s not typical, the risk level is elevated, and the admin is prompted for further authentication.
  • MFA for outsourced IT: If an attacker attempts to leverage an outsourced IT credential from an unknown or previously unseen device, access can be blocked entirely, stopping the attack before it can gain traction.
Image courtesy of Centrify

Since this new service is part of the Centrify Identity Services Platform, customers can implement risk-based policy across their boundaryless hybrid enterprise of endpoints, cloud applications, IaaS, and IT servers and resources for more detailed heuristics — and more effective policy.

Available as an add-on to Centrify Identity Service and Centrify Privilege Service, the service is a natural extension of Centrify’s adaptive Multi-Factor Authentication, adding machine learning that both eases configuration for IT and eliminates constant MFA challenges to simplify end user access.

Learn more about Centrify’s Analytics Service or start a trial on the Centrify solutions site.

The Breach Stops Here.