Q&A with David McNeely of Centrify
VSM: We haven’t spoken before; can you please give us a quick overview of Centrify and your Centrify Suite offering?
DM: Sure, Centrify was founded in 2004 to offer organizations the capability to centrally control, secure and audit access to cross-platform systems and applications. We built the solution on top of Active Directory (AD), since AD is in place at nearly every enterprise environment. Today we have more than 3500 customers in every major industry across the globe. These customers use Centrify to consolidate identities and centrally manage privileged user access, which reduces IT expenses, strengthens security and improves compliance. Our Centrify Suite is built on a common architecture which means that our customers can secure authentication, enable single sign-on, control access based on roles, manage user privileges, audit user sessions, isolate servers, and encrypt data-in-motion across a broad set of platforms and applications – whether on premise or in the cloud.
VSM: How is that relevant to our readers who are interested in all things virtualized?
DM: The Centrify Suite dynamically applies Active Directory-based authentication, access control, privilege management, and auditing to servers running in virtualized and cloud environments, such as Linux systems running within cloud hosting providers.
When it comes to Infrastructure-as-a-Service (IaaS), one of the realities we hear from customers is that security – in the form of authentication and access control – is largely left to the customers. To do this effectively in a dynamic environment requires an automated security infrastructure that allows critical security and compliance policies to be applied consistently as every new system is initialized within a hosted environment. For newly provisioned virtual servers, Centrify joins them to the customer’s on-premises Active Directory domain, locks down the root account by linking it to an AD User account, and automatically configures the security of the server through Group Policy-based configuration. Additionally, all access to a virtual server is provided through Active Directory-based login, ensuring that authorized users login with their unique Active Directory credentials, so all their activity can be tracked and audited. And privileges are granted to those users who need to execute specific commands based on their role. Essentially, we enable the organizations’ on-premise AD infrastructure be the center of trust for securing virtualized servers in the cloud.
VSM: You talked about auditing access to servers and virtual servers. Is this unique to Centrify?
DM: Yes, Centrify is unique in providing customers with a simple way to consolidate identity, access and privilege management, and auditing across both virtualized environments and physical servers. This centralization ensures that only authorized administrators can access these servers and their activities can be tracked in context, greatly simplifying regulatory compliance.