Centrify’s single sign-on secures servers, scores $16M

Centrify, a company securing on-premise and cloud servers, raised $16 million in its fourth round of funding yesterday.

The company provides a single sign-on for access to servers in addition to management solutions. These solutions include the ability to turn off potentially compromised machines, restrict user privileges, and monitor all activity on the servers.

“A lot of breaches come from insiders who have the keys to the kingdom. We eliminate the keys to the kingdom,” chief executive Tom Kemp told VentureBeat in an interview.

Kemp explained that having multiple sign-ons for various applications on the server is a vulnerability. For instance, firing an employee requires the disabling of his user names and passwords. But this leaves room for access points to fall through the cracks. You may have removed their Google Apps access, but what about the Salesforce account you forgot about?

If there is only one sign-on, however, you can easily retract server access from Centrify’s hub. Okta, which also recently announced a round of funding, is a direct competitor to Centrify’s cloud security offerings.

But what Centrify is most concerned about is how many different devices can now access server information.

“The data center of the future is very heterogeneous and very hybrid,” said Kemp.

He means smartphones and tablets are quickly entering the enterprise as viable ways to distribute data. But these devices are easily compromised. Not everyone password-protects their mobile devices, and they are often forgotten on a train seat or in a restaurant. This pokes an immediate hole in the security of that company’s server infrastructure — cloud or on-premise.

The funding was led by Index Ventures.

Centrify is using some of the funds to build a product combating this vulnerability. The product will allow server managers to deactivate any mobile device associated with a company, in the same way that they can deactivate computers and servers.

While simple, this could bring some peace to worried managers as more and more devices store proprietary information in the cloud.

But while a single sign-on is a good way to manage security, a watchful eye still needs to be placed on existing user activity.

“We do have an auditing solution that provides, in effect, a security camera on the servers and logs all activity done on that server,” said Kemp.

That security camera can be set up to send alerts to a manger and can even be programmed to shut down all systems when a potential security threat is identified. This latter solution could be more effort than it’s worth given the possibility of false alarms.

Another flaw is the inability to detect security threats during work hours. Some threats may come at night and are easily detected. But what about the ones that occur during the normal pace of work? Many servers are exporting and importing data regularly. And if what Kemp says is true, and many breaches come from the inside, it is even harder to detect usual operations versus threats.

According to Kemp, Centrify cannot identify those breaches at this time.

Centrify will also use the funding to expand internationally. Kemp is particularly excited about leveraging Index Ventures’ international presence and believes the firm will play a role in Centrify’s expansion.

Currently, the company has over 3,500 customers including Research in Motion, Pfizer, and the U.S. Army. It has 150 employees, headquartered in Sunnyvale, Calif. Thus far, Centrify has accumulated $52 million in funding from Index Ventures, Mayfield Fund, Accel Partners, INVESCO Private Capital and Sigma Partners.

blog comments powered by Disqus