“Organisations can now centrally secure and control access to their increasing deployments of Software-as-a-Service (SaaS) apps and other cloud services, while also giving end users much needed single sign-on to address the password sprawl associated with these new technologies,” says Corey Williams, Centrify senior director of product management.
“The rapid adoption of SaaS applications combined with Bring-Your-Own Device (BYOD) programs means that IT organisations increasingly don’t own the endpoint device or the back-end application resources. Centralised management of the users’ digital identity that spans on-premise and cloud resources provides the visibility and control required for them to achieve compliance, reduce costs and mitigate risks, while also enabling productivity and secure access for their user centric, mobile workforce.”
Centrify supports IDM on more than 400 operating systems, as well as on-premise apps and mobile devices. “The new product lets Centrify customers leverage their existing Microsoft Active Directory (AD) investment across the industry’s broadest range of systems, mobile devices and apps deployed both on-premise and in the cloud,” says Williams.
“As organisational boundaries continue to erode under the pressure of federation and outsourcing, and as enterprise control over IT continues to weaken through increased adoption of mobile devices and cloud services, identity is more important than ever, and more problematic,” says Ian Glazer, Research Vice President at Gartner. “IDM team must strengthen federation capabilities to properly connect SaaS applications to the enterpris. They should also consider an identity bridge to connect to identity as a service (IDaaS) offerings.”
Centrify says its DirectControl for SaaS allows users to securely utilise their existing Active Directory credentials to get single sign-on (SSO) to their SaaS apps from a web browser running on any system, laptop or mobile device irrespective if the endpoint is on the corporate network or not.
“And because mobile devices are fast becoming the dominant endpoint of choice, Centrify also offers Zero Sign-On (ZSO) from mobile devices running iOS or Android,” says Williams. “We also support both browser and native rich mobile apps through the secure certificate delivered to their mobile devices enrolled with the Centrify Cloud Service.
“Many of the existing solutions for SaaS SSO do not address what users want and what IT requires,” says Williams. “Single Sign-on needs to address both browser and mobile access to apps regardless of whether those apps are on premise or in the cloud. We’ve architected our solution from the ground up to accommodate these scenarios and with Centrify you can utilise your existing identity infrastructure to go beyond SSO with access control, privilege management, policy enforcement and compliance.
“Unlike other products, no intrusive firewall changes, changes to Active Directory itself or appliances in the DMZ are required — corporate identity information remains centralized in Active Directory under control of the IT staff and is never replicated or duplicated in the cloud. With centralised visibility and control of all SaaS apps, IT can reduce helpdesk calls by up to 95% for SaaS account lockouts and password resets. Single sign-on also improves security since passwords and password practices not meeting corporate policies are eliminated, and critical tasks such as de-provisioning user access across multiple apps, devices and resources are easily achieved by simply disabling a user’s AD account.”
Centrify has a small office in Australia, headed by regional director Matt Ramsay. “I think the product is a game changer,” says Ramsay. “It’s the only product that can consolidate IDM on local platforms, mobile platforms and the cloud.” Current Australian users of Centrify’s IDM include Toll, the Department of Defence, and Racing and Wagering WA.