Reduce Risk Across Hybrid IT Todd LaPorte

Future of Enterprise IT On-Premises Mobile SaaS IaaS Access Anywhere De-Perimeterization Data is Everywhere Enterprises no longer trust their networks

Reduce Risk Across Hybrid IT Too Many Passwords Too Much Privilege Basic Authentication DANGER GOOD BETTER Establish Identity Assurance GREAT Limit Lateral Movement OPTIMAL Enforce Least Privilege Log & Monitor MFA Everywhere Consolidate Identities SSO Everywhere Mitigate VPN Risk Automate App Provisioning Require Access Approvals Grant Just Enough Privilege Grant Just-in-Time Privilege User-Level Auditing

Secure Access to Apps & Infrastructure Vision BIG DATA APPLICATIONS CLOUD (IAAS & PAAS) NETWORK DEVICES DATA CENTER SERVERS Secure Access to Apps & Infrastructure From Any Device For All Users PARTNER END USER PRIVILEGED IT USER CUSTOMER OUTSOURCED IT

Get Identities Consolidated SERVERS NETWORK APPS SaaS IaaS PRIVILEGED ACCOUNTS PRIVILEGED ACCOUNTS PRIVILEGED ACCOUNTS PRIVILEGED ACCOUNTS PRIVILEGED ACCOUNTS jsmith joans js josmith joansmith joan j.smith smithj joan.s smithjoan End Users

Implement Comprehensive Privileged Identity Management username username and PRIVILEGED INDIVIDUAL ACCOUNTS PRIVILEGED SERVICE ACCOUNTS Log in as yourself Elevate privilege when needed Attribute activity to individual Check out service account password Log in as service (shared) account Attribute account use to individual Centrify Core Rule: “Get users to log in as themselves, while maximizing control of shared accounts”

Get SSO Everywhere Passwords Demand SAML BYOD Friendly

Mitigate VPN Risk VPN-less Access to specific App On-Premise Apps Employees, Contractors, Partners, Customers VPN-less Access to specific App On-Premise Apps VPN Connections On-Premise Infra Employees, Contractors, Outsourced IT VPN-less Access to Specific Resource On-Premise Infra VPN Connections

Automate App Provisioning Onboard Create / Update Offboard Role-Based Provisioning Mobile App Provisioning too Monitor / Report License / Authorize Onboard users on the fly: Role-base automated provisioning of Office 365 accounts and licenses Give users Single Sign-on: Users log in with AD credentials from anywhere or Integrated Windows Authentication (IWA) for true SSO Manage user access: Per-app authorization policy with optional multi-factor authentication (MFA) Monitor user activity: Access reports, failed login attempts, unused accounts, custom reports Offboard users automatically: Automated Office 365 account deprovisioning is triggered when user is disabled or removed from group SSO / MFA / IWA / Remote Access Enable Mobile

MFA Everywhere MFA for VPN MFA for Cloud Infrastructure (IaaS) MFA for On-Prem Apps MFA for Cloud Apps MFA for Server Login and Privilege Elevation MFA for Shared Resources

Privileged Session Monitoring SERVERS NETWORK IaaS PRIVILEGED ACCOUNTS PRIVILEGED ACCOUNTS PRIVILEGED ACCOUNTS Privileged Sessions Report and Replay

Orchestration with SIEM and Threat Analytics Vendors Expose Events Expose Actions for Remediation Leverage Centrify Event Data (including Video) within existing SOC Actions received from Threat Analytics Vendors Integrate with Existing Enterprise Tools

Why Choose Centrify? Protects against the leading point of attack used in data breaches — compromised credentials Protects end users and privileged users by stopping threats at multiple points in the cyberthreat chain Secures access to Apps and Infrastructure across your Hybrid IT environment of cloud, mobile and data center Trusted by over 5,000 customers, including more than half of the Fortune 50 Validated by third-party analysts as a Leader in cloud and privileged identity

A Recognized Leader Named a Leader in the 2016 Gartner IDaaS Magic Quadrant A Leader in The Forrester Wave: Privileged Identity Management, Q3 2016 Clear Choice Winner in SSO Vendor Shootout, NetworkWorld Gartner “Magic Quadrant for Identity and Access Management as a Service” by Gregg Kreizman, June 2016. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect the judgement at the time and are subject to change.

Centrify Identity Platform Freeware & consumer Freeware & consumer Other: Sudo’ers, spreadsheets B2C B2B SSO (SaaS and on-prem apps) Multifactor Authentication (MFA) Provisioning Enterprise Mobility Management Mac Management Remote Access Secure Session Monitoring Session Termination Shared Account Password Mgmt. Server MFA SAPM Privilege Elevation MFA Resource Access Approval Workflow Active Directory Bridge Privilege Management Auditing Server Isolation Server Encryption Windows Local Admin Rights Mgmt Cross-platform Centralized Access Mgmt Identity Service Privilege Service Server Suite Centrify Identity Platform Centrify Identity Platform Cloud Directory Secure Data Store MFA & Policy Engine Authentication Engine Workflow AD/LDAP Proxy Reporting and Dashboards Social Login Federation