Home Security Warning: Old security models failing to cope with rise and frequency of data breaches
Warning: Old security models failing to cope with rise and frequency of data breaches Image courtesy of Stuart Miles at FreeDigitalPhotos.net

Global security solutions and identity services vendor Centrify has warned that the increasing size and frequency of data breaches clearly demonstrates that old security models based on protecting network perimeters are failing both businesses and consumers.

Releasing its so-called Zero Trust approach to security, Centrify says this approach assumes that everything — users, endpoints, resources — is untrusted and always must be verified to decrease the chance of a major data breach.

Centrify accompanies its warning with a note that the problem with old security models is a “significant lesson” for Australia with its mandatory data breach notification law taking effect from February next year.

According to Centrify chief product officer Bill Mann, Zero Trust is the right approach to security today due to the porous network perimeter created by the rise of remote workers, BYOD devices and cloud resources.

“The modern hybrid enterprise must adopt a Zero Trust security model,” he said.

“Zero Trust is based on the motto of ‘never trust, always verify’, which assumes that internal networks can no longer be relied upon as a way of protecting enterprise resources and that users and devices within a network are no more trustworthy than users and devices outside of the network.

“Remote employees on BYOD devices accessing SaaS applications are as common today as someone sitting at their workstation inside the office. Centrify is committed to helping its customers embrace this reality by moving towards a Zero Trust security model where all access is authenticated, authorised and encrypted – with identity at the centre.”

According to Centrify, customers increasingly recognise that older, network-centric security approaches no longer apply, and today’s hybrid enterprise requires more application-centred models, with access grounded in identity.

Mann explains how Zero Trust delivers benefits including:

  •     Identity Assurance, which evaluates the security posture of a user based on location, device and behaviour to determine users are who they say they are;
  •     Trusted Endpoints, which only allow access to corporate resources from trusted endpoints, whether it’s a corporate owned, BYOD or public desktop, laptop or mobile device;
  •     Conditional Access, which grants just-in-time access to specific applications and infrastructure for a limited timeframe to users with a confirmed identity and who are using a trusted endpoint when logging in; and
  •     Least Privilege, where just enough privilege is granted, just in time to perform the needed operations and lateral movement is limited.

And Mann says major innovations amplify the need for Zero Trust networks, such as machine learning, move to ephemeral servers, adoption of microservices and security convergence, and claiming that to further Centrify’s move towards a Zero Trust security model, it has joined the FIDO (Fast IDentity Online) Alliance and strengthened its integration with Yubico.

“As co-creator of the FIDO U2F standard, Yubico believes that secure, easy-to-use and scalable authentication should be available to everyone,” said Jerrod Chong, vice-president of Product at Yubico.

“Centrify shares our mission to bring greater security and convenience to the enterprise. By adding FIDO U2F support, Centrify has the most complete set of YubiKey integrations available from a technology partner.”


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).


Popular News




Sponsored News