Centrify has enlisted machine learning technologies for its new Analytics Service, an add-on for the company's Identity Services Platform that monitors user behavior and enables customers to secure their environments using a risk-based approach.
Launched today, Centrify Analytics Service "uses machine learning to pay attention" to user behavior over time, Chris Webber, security strategist at Centrify, told eSecurity Planet. It then "puts together a profile and assigns a level of risk" to each access attempt.
With this new intelligence in hand, administrators can set policies to help combat the leading cause of data breaches: compromised credentials.
Centrify recently commissioned Forrester to conduct study on data breaches. After surveying more than 200 security decision makers, the research group discovered that two-thirds of organizations were hit with an average of five or more breaches over the past two years. The most commonly targeted assets were identities and passwords, which enable attackers to pose as legitimate users.
Organizations spent $75 billion on security last year, "yet breaches are at an all-time high." Corey Williams, senior director of Product Management and Marketing at Centrify, said. "Clearly there's a disconnect."
Williams argued that many businesses have "the priority stack inverted" and are spending heavily on solutions that protect networks and discrete systems against malware and hacking attempts and are not investing enough in identity and access management solutions that address the cause of most breaches. Effective enterprise security should follow identity, instead of focusing single-mindedly focusing on individual resources, he said.
Centrify's new Analytics Service empowers customers to apply risk-based access policies that balance ease-of-use with powerful protection, said Webber. It learns over time, observing behavioral patterns. For example, an "employee in finance or HR who doesn't travel for their job, and uses the use the laptop that IT gave them, has a pretty defined behavior set."
If this type of employee registers an access attempt from a coffee shop using a different device, Analytics Service throws up a red flag. Administrators can configure the Centrify Identity Services Platform to require multi-factor authentication or block access entirely.
Conversely, in low-risk situations, organizations can offer their users single sign-on access to their applications for enhanced productivity and eliminate repeated multi-factor authentication challenges. Moreover, it can help organizations better safeguard their privileged credentials – root-level and other accounts with elevated privileges -- by enforcing multi-factor authentication on suspicious access attempts or outright blocking those attempts.
Centrify Analytics Service costs $3 per user per month and is available now.