Embed Size (px)
Citation preview
©2019 Centrify Corporation. All Rights Reserved. 1
HOW TO IMPROVE
CYBER RESILIENCE
WITH ZERO TRUST
©2019 Centrify Corporation. All Rights Reserved. 2
YET 66% OF COMPANIES
ARE STILL BREACHED
66%$132BEXPECTED SPENDING ON IT SECURITY
AND RISK MANAGEMENT IN 2020
And worse, they’re breached
on average five or more times
Today’s Security Is Not Secure
©2019 Centrify Corporation. All Rights Reserved. 3
Today’s Somber Reality
Hackers don’t hack in anymore —
they log in using weak, default, stolen, or
otherwise compromised credentials.
©2019 Centrify Corporation. All Rights Reserved. 4
Too Much Privilege, Not Enough PAMCommon Denominator
Survey: Privileged Access Management in the Modern Threatscape, Centrify, February 2019
The Forrester Wave™: Privileged Identity Management, Q4 2018
80%of breaches involve privileged
credential misuse
FORRESTER ESTIMATES
©2019 Centrify Corporation. All Rights Reserved. 5
Endless Examples…
©2019 Centrify Corporation. All Rights Reserved. 6
No Essential, Basic Security ControlsCommon Shortcomings
Survey: Privileged Access Management in the Modern Threatscape, Centrify, February 2019
©2019 Centrify Corporation. All Rights Reserved. 7
It takes only1 compromised privileged credential
Millionsto impact
Exposing You to Imminent Risk
©2019 Centrify Corporation. All Rights Reserved. 8
Meet the Antidote:
Zero Trust
©2019 Centrify Corporation. All Rights Reserved. 9
“Zero Trust is a critical framework for us to
be able to have to protect data and
operate in the environment.”
BEST PRACTICES REVEALED
- Suzette Kent, Federal Chief Information Officer
©2019 Centrify Corporation. All Rights Reserved. 10
The Core Principals of Zero Trust
+
1Assure that all resources
are accessed securely,
regardless of location
NEVER TRUST, ALWAYS VERIFY
2 Apply least privilege
and strictly enforce
access controls3Audit everything
©2019 Centrify Corporation. All Rights Reserved. 11
Industry Momentum for Zero Trust
Q. Which option best describes your current activity for each of the following security solutions? Zero Trust
47%
8%11%
5%
28%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
On my radar or actively
researching
Piloting In production Updgrading/ refining
Not Aware/Interested
CURRENT ACTIVITY
71%of security-focused IT
decision makers are
aware of the zero trust
model
©2019 Centrify Corporation. All Rights Reserved. 12
The Zero Trust Ecosystem There are many ways to start your journey,
but there is only one way that offers the biggest bang for your buck.
Workloads Networks People/Identities Devices Data
Identity or people are what makes up 80% of today’s breaches
©2019 Centrify Corporation. All Rights Reserved. 13
The Path of Zero Trust Starts
with Zero Trust Privilege
©2019 Centrify Corporation. All Rights Reserved. 14
Predictions on PAM
#2Top 10 Listin estimated information security spending growth for 2019
Sources: Smarter with Gartner, Gartner Top 10 Security Projects for 2019, February 2109
Gartner, Forecast: Information Security and Risk Management, Worldwide, 2016-2021, 3Q18 Update
of new projects for security teams to explore in 2019
©2019 Centrify Corporation. All Rights Reserved. 15
Zero Trust Privilege Approach
VERIFY WHO CONTEXTUALIZE
REQUEST
SECURE ADMIN
ENVIRONMENT
GRANT LEAST
PRIVILEGE
ADAPTIVE CONTROL
AUDIT EVERYTHING
©2019 Centrify Corporation. All Rights Reserved. 16
Verify WhoCentrify Zero Trust Privilege:
MFA EVERYWHERE /
ENFORCE ASSURANCE LEVEL 2
LEVERAGE ENTERPRISE
DIRECTORY IDENTITIES
INDIVIDUAL (ALTERNATE)
ADMIN ACCOUNT
©2019 Centrify Corporation. All Rights Reserved. 17
Contextualize RequestCentrify Zero Trust Privilege:
REVIEW AND APPROVERECORD REQUEST CONTEXT
?
or
©2019 Centrify Corporation. All Rights Reserved. 18
Secure Admin EnvironmentCentrify Zero Trust Privilege:
SECURE REMOTE ACCESS
Outsourced
IT User
DISTRIBUTED JUMP HOSTSENSURE CLEAN SOURCE
Server Gateway
Server Gateway
Subnet A
Subnet B
Server Gateway
Subnet C
Server
Gateway
Admin ServerWorkstation
with Browser
Workstation with
Native Clients
Remote
Desktop
Services
©2019 Centrify Corporation. All Rights Reserved. 19
Grant Least PrivilegeCentrify Zero Trust Privilege:
JUST ENOUGH PRIVILEGE LIMIT LATERAL MOVEMENTJUST-IN-TIME ACCESS
Root
©2019 Centrify Corporation. All Rights Reserved. 20
Audit EverythingCentrify Zero Trust Privilege:
SESSION VIDEO CAPTURE
AND REPLAY
MONITOR SESSIONS INTEGRATE WITH SIEM
GATEWAY AND/OR HOST-BASED
Server
Gateway
Admin Server
©2019 Centrify Corporation. All Rights Reserved. 21
Adaptive ControlCentrify Zero Trust Privilege:
MACHINE LEARNING BASED
PRIVILEGED BEHAVIOR ANALYTICS
RISK-BASED ACCESS INCIDENT RESPONSE
Locat ion
Tim e of
Day
Day of
Week
Geo-velocit y
Device
RISK SCORE
59Geo-velocity
Location
Time of Day
DeviceDay of Week
©2019 Centrify Corporation. All Rights Reserved. 22©2018 Centrify. All Rights Reserved.
LESS ON TECHNOLOGY COSTS IN COST SAVINGS
Risk and Cost Reductions, as well as…
Stop the Breach, Forrester, January 2017
50% 40% $5MFEWER BREACHES
©2019 Centrify Corporation. All Rights Reserved. 23
Newfound Business Confidence
2xMORE CONFIDENCE
ACCELERATING NEW
CUSTOMER AND PARTNER
EXPERIENCES
66%MORE CONFIDENCE ADOPTING
NEW MOBILE WORKFORCE
MODELS
44%MORE CONFIDENCE
SECURING DEV AND DEVOPS
Adopt Next-Gen Access To Power Your Zero Trust Strategy, Forrester, July 2018
©2019 Centrify Corporation. All Rights Reserved. 24
DUMMIES EBOOKWant to learn more about
the power of Zero Trust Privilege?
Download a complimentary copy of
the Zero Trust Privilege For
Dummies book.
http://bit.ly/ZTPForDummies
Do You Have Questions?
CONTACT USWant more information
about our products,
pricing, or demos?
1 (669) 444-5200
www.centrify.com/about-us/contact/
FREE TRIALReady for a test drive?
Get started with the
30-Day Free Trial
www.centrify.com/free-trial/
©2019 Centrify Corporation. All Rights Reserved. 25
THANK YOU
