A Security Overview of the Centrify Cloud
|
|
- Paul Stanley
- 8 years ago
- Views:
Transcription
1 A Security Overview of the Centrify Cloud How your end users usernames and passwords are kept secure within the Centrify Cloud Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Centrify Corporation. Centrify may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Centrify, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Centrify, DirectControl and DirectAudit are registered trademarks and Centrify Suite, DirectAuthorize, DirectSecure and Direct- Manage are trademarks of Centrify Corporation in the United States and/or other countries. Microsoft, Active Directory, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. RightScale is a registered trademark of RightScale, Inc.; ServerTemplates and RightScripts are trademarks of RightScale, Inc. The names of actual companies and products mentioned herein may be the trademarks of their respective owners
2 A Security Overview of the Centrify Cloud Contents Abstract 3 Overview 4 Systems and Cloud Tenant Security 5 User Security 10 Physical & Data Center Security Azure Data Centers 13 Centrify Compliance & Certifications 15 Microsoft Azure Compliance & Certifications 17 Conclusion CENTRIFY CORPORATION. ALL RIGHTS RESERVED
3 Abstract Fueled by the advances in cloud computing technology, and economies of scale, more organizations are moving to cloud-based applications. This shift, coupled with the explosion of mobile computing, means IT organizations need solutions to consolidate and manage end user credentials. At the same time, they must ensure their users can get single sign-on (SSO) to their apps, and can have secure access to those apps from any location and from any device. IT organizations must understand how their users personal data is transmitted, stored, managed and secured by the cloud-based services that facilitate the management of their users apps, devices and digital identities. This document describes the overall architecture and details the security of the Centrify Cloud, which is the underlying Identity-as-a-Service ( IDaaS ) platform that powers Centrify s cloud app and mobile management solutions. The Centrify Cloud comprehensively meets customers demands for the safekeeping of their users personal data while delivering the industry s most comprehensive mobile and cloud identity management solution CENTRIFY CORPORATION. ALL RIGHTS RESERVED
4 A Security Overview of the Centrify Cloud Overview The Centrify Identity Service unifies cloud app and mobile device management into an enterprise cloud service, to secure and manage application access from anywhere. By leveraging a single user identity across cloud, mobile and on-site apps, IT can manage the full app lifecycle. They can enforce identity-based access policies, to eliminate the hassles of multiple passwords, and enforce a consistent security policy. Users can automatically access cloud and mobile apps with just a click or tap, without having to remember multiple passwords. Apps are automatically provisioned through Centrify s Cloud, for seamless user onboarding, role-based access, and de-provisioning when a user leaves the organization or changes roles. Centrify Identity Service eliminates barriers to user productivity, and gives IT the tools they need to manage and secure cloud and mobile apps. For mobile application developers, Centrify delivers the first cloud-based service that enables developers to provide corporate users with a zero sign-on experience and strong authentication. In this white paper, we will discuss the infrastructure on which the Centrify Cloud the underlying Identity-as-a-Service ( IDaaS ) platform for the Centrify Identity Service is built, and the mechanisms that secure customer data at rest and in motion. We will look at the Microsoft Azure platform-as-a-service that the Centrify Cloud utilizes, the design of the Centrify Cloud infrastructure, how data is secured on the end-user device, and the certifications Centrify has passed CENTRIFY CORPORATION. ALL RIGHTS RESERVED
5 Systems and Cloud Tenant Security Centrify Cloud Infrastructure The Centrify Cloud is a cloud service that operates on the Microsoft Azure platform-as-a-service. Within the Azure data centers that host the Centrify Cloud, are building blocks called pods, operated and developed by Centrify, that are a collection of highly available virtual servers running the software that powers the Centrify Cloud. Each pod services one or more tenants (i.e. customers of the Centrify Cloud), and can handle hundreds of thousands of simultaneous users across any number of tenants. Each tenant belongs to one pod and cannot move between pods. A pod has web servers, cache servers, and worker servers. The web traffic is shared amongst the web servers via a round-robin load balancer. There are at least two of each server type for redundancy. These are not fixed numbers; they are just shown for purposes of illustration. The communication between the servers within the pod is managed over a private high-speed network inside the pod. All storage (apart from performance-related caching) is outside the pod in Azure, but each pod has its own storage. Each pod is replicated to a separate Azure Data Center for redundancy and disaster recovery. A collection of multiple pods comprise a podscape, with a master pod for each podscape. The master pod is the managing server for each podscape. It hosts no tenants, but instead routes users to their respective pods. Within any given podscape, naming convention uniqueness is maintained between tenants to ensure that users are routed to their unique pods. Pods and podscapes operate across a number of data center locations around the world as shown below CENTRIFY CORPORATION. ALL RIGHTS RESERVED
6 A Security Overview of the Centrify Cloud Availability and Redundancy of the Centrify Cloud Infrastructure To protect against software or hardware failure, all components at the pod level are at least doubled, and failover is automatic between these servers. The Azure storage is replicated three times in a given data center. All data within the pods is also replicated into a hot standby system. In addition, Centrify takes full and differential backups once a week that are stored in a different set of geo-replicated Azure storage accounts. Azure Storage Centrify Production Pod Tenant 1 data Tenant Data Azure Geo Replicate Tenant 2 data Tenant 3 data... Standby Pull Centrify Standby Pod Tenant 1 data Tenant 2 data Tenant 3 data... Primary Storage Tenant 1 data Tenant 2 data Tenant 3 data... Azure Storage Azure Storage Cloud Tenant and Storage Security The Centrify Cloud certificate for TLS/SSL was issued to Centrify by VeriSign. This certificate is used for all TLS/SSL mutual authentication and encryption to the cloud service. The certificate is issued with a 2048 bit key. The Centrify Cloud Service creates a root CA for each tenant. This CA issues all the certificates for the tenant with the exception of device certs those are issued by a CA that applies to the whole cloud service. Only Centrify operations has access to so the Azure maintenance tools and can access customer data under strictly controlled and audited conditions that are certified under SOC2. All data is stored on Azure storage outside the pod and protected with Azure access keys Within that encrypted Azure storage the Centrify Cloud further encrypts the tenant s user data with AES 256-bit using the tenant s unique encryption key The tenant s unique encryption keys are encrypted with a Master Key and stored in the pod configuration database, away from the Azure database CENTRIFY CORPORATION. ALL RIGHTS RESERVED
7 Azure Storage Master Key to encrypted Tenant Keys Worker Servers Centrify Pod Cache Servers Tenant 1 data Tenant 1 Key to encrypt T1 data Tenant 2 data Tenant 3 data... Tenant 2 Key to encrypt T2 data Tenant 3 Key to encrypt T3 data... Web Servers Load Balancer Private Internal Network Cloud Connector Security As shown in the diagram below, for customers who want to integrate the Centrify Cloud with their on-premises Active Directory, a Centrify supplied software program called the Centrify Cloud Connector needs to be installed inside their environment. The Centrify Cloud Connector is a simple Windows service that runs behind a customer s firewall to provide real-time authentication, policy and access to user profiles without synchronizing data to the cloud. The Cloud Connector seamlessly integrates with Active Directory without opening extra ports in an organization s firewall, or adding devices in their DMZ CENTRIFY CORPORATION. ALL RIGHTS RESERVED
8 A Security Overview of the Centrify Cloud The Cloud Connector delivers the following security capabilities: For each tenant, a unique PKI Certificate issued from the Centrify Cloud to the Cloud Connector during registration Cloud Connector registration code is provided to authorized admins after login to Cloud Manager All communications between the Centrify Cloud and the Centrify Cloud Connector are encrypted and mutually authenticated for each tenant using these unique certificates None of the traffic between the Centrify Cloud and the Cloud Connector can be read by the Azure infrastructure All the traffic between the Cloud Management Console and User Portal is sent over HTTPS with a VeriSign signed certificate for *.centrify.com Operational Security The architecture of the Centrify Cloud and the on-premises Cloud Connector also offer the following operational security capabilities: Class-leading Active Directory and LDAP integration with no replication of users and multiforest support Built-in Integrated Windows Authentication (IWA) for silent authentication from corporate networks When a user account is disabled within Active Directory or LDAP the user will be automatically logged off from the user portal upon notification from the Centrify Cloud Connector which monitors on-premises directories for changes. Similarly, when a user account is disabled within the Centrify Cloud Directory, the user will be automatically logged off from the user portal. No user data is cached or stored on the users mobile device or within any browser User credentials are decrypted only inside the Centrify Cloud and inserted into the user s browser over SSL. At no point are the user credentials stored or transmitted in the clear Cloud-based platform for IT administrators to manage their mobile workforce provides monitoring, reporting and auditing as well as mobile device management, container management and application management Role-based rights management for administration and application access All the administrative traffic between the Cloud Management Console and the Centrify Identity Service is sent over HTTPS with a VeriSign signed certificate for *.centrify.com CENTRIFY CORPORATION. ALL RIGHTS RESERVED
9 Certificates Specific to the mobile devices being managed by the Centrify Cloud, some of the security capabilities include the fact that the certificates are issued to the devices at enrollment to support mutual authentication for all device management operations. When a device policy requires a certificate for Wi-Fi 802.1x or VPN or Exchange Active Sync authentication, the device will request the certificate trough the cloud tenant service from the on-premises Microsoft Certificate Server. All resource requests are encrypted with TLS 1.2 User Authentication Certificates are issued to the Centrify mobile client at login and to Mac users at enrollment, to support Zero Sign-on services. Centrify Cloud Certificate for VPN or 802.1x WiFi auth Centrify Cloud Connector Certificate for VPN or 802.1x WiFi auth Tenant Server OTP Authentication for registration & Certificate requests from Tenant CA User Device Device enrollment with Device Certificate Tenant Certificate Authority Domain Certificate Authority Active Directory Enrollment and Certificate Management with Centrify Security Testing On a monthly basis, the Centrify Security Committee reviews the need to update security, availability and confidentiality policies, and implements changes as necessary. Centrify s security policies include, but may not be limited to, the following matters: Identifying and documenting the security requirements of authorized users Classifying data based on its criticality and sensitivity and that classification is used to define protection requirements, Access rights and access restrictions, and retention and destruction requirements Assessing risks on a periodic basis Preventing unauthorized access Adding new users, modifying the access levels of existing users, and removing users who no longer need access Assigning responsibility and accountability for system security Assigning responsibility and accountability for system changes and maintenance CENTRIFY CORPORATION. ALL RIGHTS RESERVED
10 A Security Overview of the Centrify Cloud Testing, evaluating, and authorizing system components before implementation Addressing how complaints and requests relating to security issues are resolved Identifying and mitigating security breaches and other incidents Providing for training and other resources to support its system security policies Providing for the handling of exceptions and situations not specifically addressed in its system security policies Providing for the identification of and consistency with applicable laws and regulations, defined commitments, service level Agreements, and other contractual requirements Providing for sharing information with third parties Security tests are regularly conducted and tuned using penetration testing tools. Centrify routinely runs static/dynamic analysis utilizing network scanning tools. Centrify hires third party security experts each year to expose vulnerabilities, manually simulate various attacks, and perform manual code scanning. User Security Cloud Applications and Single Sign-on By leveraging a single identity across cloud, mobile and onsite apps, IT can manage the full app lifecycle and enforce identity-based access policies, to eliminate the hassles of multiple passwords and enforce consistent security policy. Security benefits include: Traffic between the Centrify User Portal and the Centrify Identity Service is encrypted with class 3 certificates signed by VeriSign Enforce user policy from a single authoritative source, eliminating policy silos for each app CENTRIFY CORPORATION. ALL RIGHTS RESERVED
11 Access to only by IT approved applications Control cloud and mobile applications through identity-based policy, based on single authoritative source for identity, and managing the device used for access Improve security by eliminating the use of easy-to-remember and/or improperly stored passwords User passwords are stored in the tenant database encrypted with AES265 symmetric keys Each cloud tenant has its own unique private key pair that cannot be used on any other cloud tenant Unique, Centrify mobile app for zero sign-on (ZSO) to authorized apps Selectable Multi Factor Authentication (MFA) authentication factor Centrify Mobile Authenticator Soft Token One Time Password (OTP) Interactive mobile phone call to verify user factor One Time Passcode sent via SMS or Trigger multi-factor or step-up authentication based on per-app policy Rich policy script to check the context of the authentication request based on time of day, network location, role, user attributes, device attributes, client type to deny access or require additional authentication factors Mobile Security The Centrify Identity Service provides a full complement of mobile device management tools to protect corporate data and access across devices. The Centrify Identity Service includes extensive support of Samsung KNOX with support for the advanced features of Samsung for Enterprise KNOX Workspace device management policies. For ios 7 and ios 8, Centrify enables business management and features including Open in control, Per-App VPN and the new Mobile Device Management (MDM) configuration options. Mobile Identity Services Centrify Identity Service provides extensive identity capabilities for mobile devices. Some of the features include SSO for Native and Web-apps utilizing the devices enrolled identity. This is tied to Active Directory and/or a cloud-based directory service Automated Certificate Management for auto-issuance and renewal of User and Computer certificates through Microsoft CA for PKI authentication to Wi-Fi, VPN and Exchange Active Sync CENTRIFY CORPORATION. ALL RIGHTS RESERVED
12 A Security Overview of the Centrify Cloud Exchange Access Management through automated management of the Allow/Block/ Quarantine access rights to User s mailboxes Exchange Active Sync (EAS) Server Access Management combined with PKI-based device authentication for the most stringent access controls. Users are required to enroll their mobile devices to access your organization s infrastructure Protection of your organization s access by leveraging existing investment in Exchange Servers, without requiring any new servers or gateways. To ensure privacy data flow between the mobile client and Exchange servers is not interrupted or modified. Mobile Device Management To complete the security solution for mobile devices, Centrify provides MDM functionality not found in competing IDaaS offerings. Web and Mobile application authentication and access management from a single console Role-based mobile application distribution supports user centric mobile application installation and management for custom and commercial applications on ios and Android Enterprise App Store provides user self-service mobile app management interface for enterprise distribution of rich mobile client apps Allows IT administrators to require mobile devices to have a passcode and set the complexity desired. Provisioning of Wi-Fi, VPN and settings for both touchdown and the built-in Samsung client Remote management of Samsung KNOX devices including wipe, lock, reboot, power off, lockout Configurable security settings such as requiring encryption of removable storage and disallowing un-enrollment from MDM Full application management for the device, including automatic installation of public and private apps, app whitelisting / blocking, restricting applications that can be launched. Configurable device Bluetooth settings and restrictions, firewall settings, and other device settings and restrictions such as tethering, USB debugging, data usage. Configurable roaming settings for Mobile devices Apple Volume Purchase Program (VPP) support for paid mobile applications Mobile Container Management Containers can provide an additional layer of security for sensitive corporate data. Centrify s Identity Service supports the deployment and management of the Samsung KNOX mobile container. The solution allows for application and identity services from within the container. Full support for Samsung KNOX container management Remote container administration supporting container create, lock, and wipe Full mobile container policy enforcement for complete configuration and policy management to apply container specific-policies (e.g. apps allowed) Role-based container application management supporting application installation, whitelist along with Single Sign-on service authorization control CENTRIFY CORPORATION. ALL RIGHTS RESERVED
13 IT administrator-configurable browser settings / restrictions for the Samsung KNOX container Configurable VPN settings for the container, including the ability to provide specific VPN settings on a per-app basis, thus ensuring that only desired apps can access the internal corporate network provisioning and configuration / restrictions for the Samsung KNOX container Configured passcode complexity requirements for the KNOX container, and container restrictions, such as disallowing camera usage and controlling what apps can be used to share data within the container Mobile App Management The Centrify Identity Service completes the offering with application management for mobile devices including support for: Web and Mobile application authentication and access management from a single console Role-based mobile application distribution supports user centric mobile application installation and management for custom and commercial applications on ios and Android Enterprise App Store provides user self-service mobile app management interface for enterprise distribution of rich mobile client apps Apple Volume Purchase Program (VPP) support for paid mobile applications Physical & Data Center Security Azure Data Centers Running the Centrify Cloud in Azure data centers means Centrify customers get the benefit of Microsoft s cutting-edge security practices and unmatched experience running some of the largest online services around the globe. Design and Operational Security By being hosted in Microsoft Azure, the Centrify Cloud leverages Microsoft s industry-leading best practices in the design and management of online services, including: Security Centers of Excellence: The Microsoft Digital Crimes Unit, Microsoft Cybercrime Center, and Microsoft Malware Protection Center provide insight into evolving global security threats. Security Development Lifecycle (SDL): Since 2004, all data center/cloud products and services have been designed and built from the ground up using its Security Development Lifecycle: A comprehensive approach for writing more secure, reliable and privacy-enhanced code. Operational Security Assurance (OSA): The OSA program provides an operational security baseline across all major cloud services, helping ensure key risks are consistently mitigated CENTRIFY CORPORATION. ALL RIGHTS RESERVED
14 A Security Overview of the Centrify Cloud Assume Breach: Specialized teams of security engineers use pioneering security practices and operate with an assume breach mindset to identify potential vulnerabilities and proactively eliminate threats before they become risks to customers. Incident Response: Microsoft operates a global 24x7 event and incident response team to help mitigate threats from attacks and malicious activity. Security Controls and Capabilities Azure Data Centers Azure data centers provide additional levels of security around cloud applications and infrastructure, including: 24-hour monitored physical security Data centers are physically constructed, managed, and monitored to shelter data and services from unauthorized access as well as environmental threats. Monitoring and logging Security is monitored with the aid of centralized monitoring, correlation, and analysis systems monitoring devices within the environment and providing timely alerts. Multiple levels of monitoring, logging, and reporting are available to provide visibility to customers. Patching Integrated deployment systems manage the distribution and installation of security patches. Customers can apply similar patch management processes for Virtual Machines deployed in Azure. Antivirus/Antimalware protection Microsoft Antimalware is built-in to Cloud Services and can be enabled for Virtual Machines to help identify and remove viruses, spyware and other malicious software and provide real time protection. Customers can also run antimalware solutions from partners on their Virtual Machines. Intrusion detection and DDoS Intrusion detection and prevention systems, denial of service attack prevention, regular penetration testing, and forensic tools help identify and mitigate threats from both outside and inside of Azure. Zero standing privileges Access to customer data by Microsoft operations and support personnel is denied by default. When granted, access is carefully managed and logged. Data center access to the systems that store customer data is strictly controlled via lock box processes. Isolation Azure uses network isolation to prevent unwanted communications between deployments, and access controls block unauthorized users. Virtual Machines do not receive inbound traffic from the Internet unless customers configure them to do so. Azure Virtual Networks Customers can choose to assign multiple deployments to an isolated Virtual Network and allow those deployments to communicate with each other through private IP addresses CENTRIFY CORPORATION. ALL RIGHTS RESERVED
15 Encrypted communications Built-in SSL and TLS cryptography enables customers to encrypt communications within and between deployments, from Azure to on-premises data centers, and from Azure to administrators and users. Private connection Customers can use ExpressRoute to establish a private connection to Azure data centers, keeping their traffic off the Internet. Data encryption Azure offers a wide range of encryption capabilities up to AES-256, giving customers the flexibility to implement the methods that best meets their needs. Centrify Compliance & Certifications Centrify address a wide range of international, country, and industry-specific regulatory requirements. By providing compliant, independently verified cloud services, In addition, an extensible compliance framework that enables Centrify to design and build services using a single set of controls to speed up and simplify compliance across a diverse set of regulations and rapidly adapt to changes in the regulatory landscape. The Centrify Cloud is certified with SOC 2 and TRUSTe. SOC 2 SSAE 16/ISAE 3402 Attestations Centrify has successfully passed an independent audit against the rigorous SSAE 16 SOC 2 Type II standard and achieved compliance, a prestigious accomplishment showcasing Centrify s longstanding commitment to securing customer data. Information security is far reaching and ingrained into Centrify s culture and is evident from design of the service and infrastructure to the processes and people. Furthermore, achieving compliance demonstrates Centrify s dedication to both its existing high security standards and Centrify s ability to quickly and effectively raise the bar and adapt to the changing information security climate. Audits are conducted in accordance with the Statement on Standards for Attestation Engagements (SSAE) No. 16 put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) and International Standard on Assurance Engagements (ISAE) 3402 put forth by the International Auditing and Assurance Standards Board (IAASB). In addition, the SOC 2 Type 2 audit included an examination of the Cloud Controls Matrix (CCM) from the Cloud Security Alliance (CSA). Customers should contact their Centrify representative to request a copy of the SOC 2 reports CENTRIFY CORPORATION. ALL RIGHTS RESERVED
16 A Security Overview of the Centrify Cloud TRUSTe Centrify has been awarded the TRUSTe privacy Trustmark and is Safe Harbor compliant. Centrify is commitment to privacy and transparency. The Centrify Privacy Policy can be viewed here. The TRUSTe mission, as an independent third party, is to accelerate online trust among consumers and organizations globally. Through the process of achieving TRUSTe compliance, our Privacy Policy is scrutinized to ensure it is accurate with respect to our offered services, our services are scanned for potential privacy threats ensuring that you are receiving the expected level of privacy for your users. For more information please visit the Truste website. SafeHarbor Centrify also complies with the U.S. E.U. Safe Harbor framework and the U.S. Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding collection, use and retention of personal data from European Union member countries and Switzerland. You can learn more about the Safe Harbor program and view our certification by visiting the Safe Harbor website. Cloud Security Alliance Cloud Controls Matrix Centrify has been audited against the Cloud Controls Matrix (CCM) established by the Cloud Security Alliance (CSA). The audit was completed as part of the SOC 2 Type 2 assessment, the details of which are included in that report. This combined approach is recommended by the American Institute of Certified Public Accountants (AICPA) and CSA as a means of meeting the assurance and reporting needs of the majority cloud services users. The CSA CCM is designed to provide fundamental security principles to guide cloud vendors and to assist prospective customers in assessing the overall security risk of a cloud provider. By having completed an assessment against the CCM, Centrify offers transparency into how its security controls are designed and managed with verification by an expert, independent audit firm CENTRIFY CORPORATION. ALL RIGHTS RESERVED
17 Microsoft Azure Compliance & Certifications In addition to being SOC 2 and TRUSTe certified, Centrify is utilizing the Microsoft Azure cloud platform that is ISO/IEC, SAFEHABOR, CSA, FEDRAMP, G-Cloud and FERPA certified. ISO/IEC 27001:2005 Audit and Certification Microsoft is committed to annual certification against the ISO/IEC 27001:2005, a broad international information security standard. The ISO/IEC 27001:2005 certificate validates that Azure has implemented the internationally recognized information security controls defined in this standard, including guidelines and general principles for initiating, implementing, maintaining, and improving information security management within an organization. Federal Risk and Authorization Management Program (FedRAMP) Azure has been granted a Provisional Authorities to Operate (P-ATO) from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). Following a rigorous security review, the JAB approved a provisional authorization that an executive department or agency can leverage to issue a security authorization and an accompanying Authority to Operate (ATO). This will allow US federal, state, and local governments to more rapidly realize the benefits of the cloud. FedRAMP is a mandatory U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a do once, use many times framework that will save cost, time, and staff required to conduct redundant agency security assessments. Centrify s Cloud is in the process of FedRAMP certified for the application layer. United Kingdom G-Cloud Impact Level 2 Accreditation In the United Kingdom, Azure has been awarded Impact Level 2 (IL2) accreditation, further enhancing Azure and its partner offerings on the current G-Cloud procurement Framework and CloudStore. The IL2 rating will benefit a broad range of UK public sector organizations, including local and regional government, National Health Service (NHS) trusts and some central government bodies, who require protect level of security for data processing, storage and transmission. Family Educational Rights and Privacy Act (FERPA) FERPA imposes requirements on U.S. educational organizations regarding the use and disclosure of student education records. Educational organizations can use Windows Azure to process data, such as student education records, in compliance with FERPA. Microsoft will only use Customer Data to provide organizations with the Windows Azure service and will not scan Customer Data for advertising purposes CENTRIFY CORPORATION. ALL RIGHTS RESERVED
18 Conclusion The Centrify Identity Service unifies SaaS and mobile management into an enterprise cloud service, to secure and manage application access from anywhere. By leveraging a single identity across cloud, mobile and onsite apps, IT can manage the full app lifecycle and enforce identitybased access policies, to eliminate the hassles of multiple passwords and enforce consistent security policy. Users can automatically access cloud and mobile apps with just a click or tap, eliminating the need for multiple passwords. Apps are automatically provisioned through Centrify s cloud service, for seamless onboarding, role-based access and de-provisioning. Centrify Identity Service eliminates barriers to user productivity, and gives IT the tools they need to manage and secure cloud and mobile apps. The Centrify Cloud that powers the Centrify Identity Service is built on a highly redundant, highly available, and highly secure platform, to ensure enterprise readiness and data privacy. Industry-standard cloud certifications, best practices, and stringent cloud management polices mean that enterprises can trust their authentication and access policies to Centrify and thousands of global customers do just that every day. Centrify strengthens enterprise security by managing and securing user identities from cyber threats. As organizations expand IT resources and teams beyond their premises, identity is becoming the new security perimeter. With our platform of integrated software and cloud-based services, Centrify uniquely secures and unifies identity for both privileged and end users across today s hybrid IT world of cloud, mobile and data center. The result is stronger security and compliance, improved business agility and enhanced user productivity through single sign-on. Over 5000 customers, including half of the Fortune 50 and over 80 federal agencies, leverage Centrify to secure their identity management. Learn more at SANTA CLARA, CALIFORNIA +1 (669) EMEA +44 (0) ASIA PACIFIC BRAZIL LATIN AMERICA sales@centrify.com WEB PCT000039EN CENTRIFY CORPORATION. ALL RIGHTS RESERVED (669)
Centrify Cloud Connector Deployment Guide
C E N T R I F Y D E P L O Y M E N T G U I D E Centrify Cloud Connector Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationWhite Paper How Noah Mobile uses Microsoft Azure Core Services
NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah
More informationGoogle Apps Deployment Guide
CENTRIFY DEPLOYMENT GUIDE Google Apps Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component of your corporate
More informationAn Overview of Samsung KNOX Active Directory-based Single Sign-On
C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationOffice 365 Single Sign-On: High Availability Without High Complexity
WHITE PAPER Office 365 Single Sign-On: High Availability Without High Complexity WWW.CENTRIFY.COM Office 365 Single Sign-On: High Availability without High Complexity Contents Abstract 3 Introduction 4
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationMicrosoft Azure. White Paper Security, Privacy, and Compliance in
White Paper Security, Privacy, and Compliance in Security, Privacy, and Compliance in Executive Summary The adoption of cloud services worldwide continues to accelerate, yet many organizations are wary
More informationTop Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution
WHITE PAPER Top Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution WWW.CENTRIFY.COM Top Six Things to Consider with an Identity as a Service (IDaaS) Solution Contents Executive Summary
More informationAppendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs.
Appendix D-1 to Aproove Saas Contract : Security and solution hosting provider specs. The hosting company retained by Aproove is Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA.
More informationWhat s New in Centrify Privilege Service Centrify Identity Platform 15.4
CENTRIFY PRIVILEGE SERVICE WHAT S NEW What s New in Centrify Privilege Service Centrify Identity Platform 15.4 Centrify Privilege Service Centrify Privilege Service is a cloud-based password and access
More informationA Practical Path to Unified Identity Across Data Center, Cloud and Mobile
C E N T R I F Y W H I T E P A P E R A Practical Path to Unified Identity Across Data Center, Cloud and Mobile Abstract The major trends challenging IT organizations today are the increasing heterogeneity
More informationStop Password Sprawl with SaaS Single Sign-On via Active Directory
CENTRIFY WHITE PAPER Stop Password Sprawl with SaaS Single Sign-On via Active Directory Abstract Organizations are rushing to SaaS in an effort to move business initiatives along faster than the traditional
More informationSamsung KNOX: An Overview for Business Customers
CENTRIFY WHITE PAPER. SEPTEMBER 2013 Samsung KNOX: An Overview for Business Customers Abstract Samsung, the mobile device market leader, has introduced Samsung KNOX for its Android-based mobile platforms
More informationWindows Least Privilege Management and Beyond
CENTRIFY WHITE PAPER Windows Least Privilege Management and Beyond Abstract Devising an enterprise-wide privilege access scheme for Windows systems is complex (for example, each Window system object has
More informationSpeeding Office 365 Implementation Using Identity-as-a-Service
August 2015 www.sarrelgroup.com info@sarrelgroup.com Speeding Office 365 Implementation Using Identity-as-a-Service White paper August 2015 This white paper is sponsored by Centrify. August 2015 www.sarrelgroup.com
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationCentrify Mobile Authentication Services for Samsung KNOX
Centrify Mobile Authentication Services for Samsung KNOX SDK Quick Start Guide 3 October 2013 Centrify Corporation Legal notice This document and the software described in this document are furnished under
More informationBest Practices for Adding Macs to Microsoft Networks
WHITE PAPER Best Practices for Adding Macs to Microsoft Networks WWW.CENTRIFY.COM Best Practices for Adding Macs to Microsoft Networks Contents Abstract 3 Introduction 4 Requirements for Solving the Challenge
More informationDell World Software User Forum 2013
Dell World Software User Forum 2013 December 9-12 Austin, TX SaaS Mobile Management Overview of Cloud Client Manager and integration with KACE K1000 Introducing Dell Enterprise Mobility Management Your
More informationMobile Device Management Version 8. Last updated: 17-10-14
Mobile Device Management Version 8 Last updated: 17-10-14 Copyright 2013, 2X Ltd. http://www.2x.com E mail: info@2x.com Information in this document is subject to change without notice. Companies names
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationActive Directory and DirectControl
WHITE PAPER CENTRIFY CORP. Active Directory and DirectControl APRIL 2005 The Right Choice for Enterprise Identity Management and Infrastructure Consolidation ABSTRACT Microsoft s Active Directory is now
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationCopyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com
Manual Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com Information in this document is subject to change without notice. Companies names and data used in examples herein are fictitious
More informationHosted Exchange. Security Overview. Learn More: Call us at 877.634.2728. www.megapath.com
Security Overview Learn More: Call us at 877.634.2728. www.megapath.com Secure and Reliable Hosted Exchange Our Hosted Exchange service is delivered across an advanced network infrastructure, built on
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationWhite Paper. Protecting Mobile Apps with Citrix XenMobile and MDX. citrix.com
Protecting Mobile Apps with Citrix XenMobile and MDX citrix.com Mobility is a top priority for organizations as more employees demand access to the apps and data that will make them productive. Employees
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationSamsung KNOX EMM Authentication Services. SDK Quick Start Guide
Samsung KNOX EMM Authentication Services SDK Quick Start Guide June 2014 Legal notice This document and the software described in this document are furnished under and are subject to the terms of a license
More informationAPPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION
APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION Response Code: Offeror should place the appropriate letter designation in the Availability column according
More informationVMware vcloud Air Security TECHNICAL WHITE PAPER
TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects
More informationEXECUTIVE VIEW. Centrify Identity Service. KuppingerCole Report. by Martin Kuppinger January 2015
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger January 2015 by Martin Kuppinger mk@kuppingercole.com January 2015 Content 1 Introduction... 3 2 Product Description... 4 3 Strengths and Challenges...
More informationPULSE SECURE FOR GOOGLE ANDROID
DATASHEET PULSE SECURE FOR GOOGLE ANDROID Product Overview In addition to enabling network and resource access for corporate managed mobile devices, many enterprises are implementing a Bring Your Own Device
More informationSecurity Guide. BES12 Cloud
Security Guide BES12 Cloud Published: 2015-08-20 SWD-20150812133927242 Contents Security features of BES12 Cloud...4 How BES12 Cloud protects data stored in BlackBerry data centers...4 How BES12 Cloud
More informationCentrify Cloud Management Suite
Centrify Cloud Management Suite Installation and Configuration Guide April 2013 Centrify Corporation Legal notice This document and the software described in this document are furnished under and are subject
More informationCentrify OS X Basic Jump Start
CENTRIFY DATASHEET Centrify OS X Basic Jump Start The Centrify OS X Jump Start gives organizations the training and hands-on experience to rapidly deploy Centrify's solution for Identity, Policy and Device
More informationAdvanced Service Desk Security
Advanced Service Desk Security Robust end-to-end security measures have been built into the GoToAssist Service Desk architecture to ensure the privacy and integrity of all data. gotoassist.com Many service
More informationCisco Mobile Collaboration Management Service
Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationSingle Sign-On for SAP R/3 on UNIX with Centrify DirectControl and Microsoft Active Directory
W H I T E P A P E R C E N T R I F Y C O R P. M A Y 2008 Single Sign-On for SAP R/3 on UNIX with Centrify DirectControl and Microsoft Active Directory The Active Directory-Based Single Sign-On Solution
More informationSecurity Whitepaper. NetTec NSI Philosophy. Best Practices
Security Whitepaper NetTec NSI provides a leading SaaS-based managed services platform that to efficiently backup, monitor, and troubleshoot desktops, servers and other endpoints for businesses. Our comprehensive
More informationOpen Data Center Alliance Usage: Provider Assurance Rev. 1.1
sm Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 Legal Notice This Open Data Center Alliance SM Usage:Provider Assurance is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS
More informationMicrosoft Azure. Microsoft Azure Security, Privacy, & Compliance
Security, Privacy, & Compliance Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud Trend: 70% 2 weeks to deliver new services vs. 6-12 months with traditional solution Scale
More informationCentrify Mobile Authentication Services
Centrify Mobile Authentication Services SDK Quick Start Guide 7 November 2013 Centrify Corporation Legal notice This document and the software described in this document are furnished under and are subject
More informationSecuring the Microsoft Cloud
Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and customers to fully embrace and benefit from cloud services. We are committed
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationSecuring and protecting the organization s most sensitive data
Securing and protecting the organization s most sensitive data A comprehensive solution using IBM InfoSphere Guardium Data Activity Monitoring and InfoSphere Guardium Data Encryption to provide layered
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationMicrosoft Enterprise Mobility Suite
Microsoft Enterprise Mobility Suite Standalone - overview Peter Daalmans http://configmgrblog.com, peter@daalmans.com IT-Concern John Marcum Enterprise Client Management Architect / johnmarcum@outlook.com
More informationData Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationWhen enterprise mobility strategies are discussed, security is usually one of the first topics
Acronis 2002-2014 Introduction When enterprise mobility strategies are discussed, security is usually one of the first topics on the table. So it should come as no surprise that Acronis Access Advanced
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationImproving Mobile Device Security and Management with Active Directory
CENTRIFY WHITE PAPER, FEBUARY 2012 Improving Mobile Device Security and Management with Active Directory An overview of mobile device market trends, challenges and approaches to securing and managing smart
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationMicrosoft is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries.
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names,
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationHow To Get A Cloud Security System To Work For You
Trust in the Cloud Ovidiu Pismac MCSE Security, CISSP, MCSE Private Cloud / Server & Desktop infrastructure, MCTS Forefront Microsoft Romania ovidiup@microsoft.com Technology trends: driving cloud adoption
More informationBlue Jeans Network Security Features
Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users
More informationMcAfee Security Architectures for the Public Sector
White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed
More informationApps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.
Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationCA Mobile Device Management 2014 Q1 Getting Started
CA Mobile Device Management 2014 Q1 Getting Started This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationAdvanced Configuration Steps
Advanced Configuration Steps After you have downloaded a trial, you can perform the following from the Setup menu in the MaaS360 portal: Configure additional services Configure device enrollment settings
More informationCentrify Server Suite Management Tools
SERVER SUITE TECHNICAL BRIEF Centrify Server Suite Management Tools Centrify Server Suite includes - at no extra charge - a powerful set of management tools in all editions: Centrify Identity Risk Assessor
More informationCloud Security Trust Cisco to Protect Your Data
Trust Cisco to Protect Your Data As cloud adoption accelerates, organizations are increasingly placing their trust in third-party cloud service providers (CSPs). But can you fully trust your most sensitive
More informationWalk Then Run: 10 Essential Steps to Securing the Cloud
Walk Then Run: 10 Essential Steps to Securing the Cloud Security and Platform Insights from 15 CIOs Every Organization Needs a Security Plan Every business needs a strategic security plan that takes into
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationPaxata Security Overview
Paxata Security Overview Ensuring your most trusted data remains secure Nenshad Bardoliwalla Co-Founder and Vice President of Products nenshad@paxata.com Table of Contents: Introduction...3 Secure Data
More informationSophos Mobile Control Technical guide
Sophos Mobile Control Technical guide Product version: 2 Document date: December 2011 Contents 1. About Sophos Mobile Control... 3 2. Integration... 4 3. Architecture... 6 4. Workflow... 12 5. Directory
More informationGiftWrap 4.0 Security FAQ
GiftWrap 4.0 Security FAQ The information presented here is current as of the date of this document, and may change from time-to-time, in order to reflect s ongoing efforts to maintain the highest levels
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationCentrify DirectAudit Jump Start Service
CENTRIFY DATASHEET Centrify DirectAudit Jump Start Service What is the Centrify DirectAudit Jump Start Service? The Centrify DirectAudit Jump Start Basic Service is designed to give customers a quick start
More information1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?
MaaS360 FAQs This guide is meant to help answer some of the initial frequently asked questions businesses ask as they try to figure out the who, what, when, why and how of managing their smartphone devices,
More informationBAE Systems PCI Essentail. PCI Requirements Coverage Summary Table
BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance
More informationSecure & Unified Identity
Secure & Unified Identity for End Users & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Identity at Center of Cyber Attacks PRIVILEGED USERS END USERS Copyright 2015 Centrify
More informationWhite Paper DocuWare Cloud. Version 2.0
White Paper DocuWare Cloud Version 2.0 May 2015 Impressum: DocuWare GmbH Therese-Giehse-Platz 2 D-82110 Germering Telephone: +49.89.89 44 33-0 Fax: +49.89.8 41 99 66 E-Mail: infoline@docuware.com Disclaimer:
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationMedia Shuttle s Defense-in- Depth Security Strategy
Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationRFI Template for Enterprise MDM Solutions
RFI Template for Enterprise MDM Solutions 2012 Zenprise, Inc. 1 About This RFI Template A secure mobile device management solution is an integral part of any effective enterprise mobility program. Mobile
More informationWhat We Do: Simplify Enterprise Mobility
What We Do: Simplify Enterprise Mobility AirWatch by VMware is the global leader in enterprise-grade mobility solutions across every device, every operating system and every mobile deployment. Our scalable
More informationEnterprise- Grade MDM
Enterprise- Grade MDM This brief describes a foundational strategic feature of the Citrix enterprise mobility offering, enterprise-grade MDM. 2 While the transition of mobile phones into computers has
More informationAutomating Cloud Security with Centrify Express and RightScale
QUICK START GUIDE. MAY 2011 Automating Cloud Security with Centrify Express and RightScale How to secure cloud systems by joining them to your Active Directory infrastructure Abstract This Quick Start
More informationConfiguration Guide BES12. Version 12.1
Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More information