Story image

Centrify targets local admin access on Macs through latest identity management update

19 Jun 2017

Macs in the enterprise are prone to careless administrative account maintenance and passwords are being shared further than they should be, according to Centrify.

According to the company, it is common for organisations to put administrative passwords on Macs and use the same password across all of them. For users who need to install apps, suddenly that password is shared and anyone can gain access.

According to the company, providing local administration rights means that anyone - whether current users, ex-employees, or attackers - have privileged status on Macs.

"This increases your attack surface and makes endpoints an effective target for malware and rogue applications," the company says in a statement.

As a result, the company has tightened up its admin security in the latest update to its Centrify Identity Platform.

The company is targeting administrators who wish to manage local password management for Macs, as well as application management and software distribution. To do this, the company has utilised turnkey integration using the Munki open source solution.

According Centrify's senior director of APAC sales, the latest updates control shared account password management from servers, network devices, Windows and Linux endpoints to Mac.

"At the same time, they simplify Mac application management with Munki support that enables users to install applications without knowing the admin password,” he adds.

Centrify says the local administrator password management works by generating a unique administrator password for each Mac, whether remote machines or those on the corporate network. The admin password is able to be subject to rotation.

Australians unsure of who is responsible for the safety of their information
According to a recent survey conducted by SOTI, Australians are increasingly concerned about the security of their health records.
Europol makes 61 arrests & nets €6.2 million in dark web crackdown
60 experts from 19 countries, Europol, and Eurojust were involved in hunting for activities including the illegal sale and signs of counterfeit goods and money, drugs, cybercrime, document fraud, non-cash payment fraud, trafficking in human beings and trafficking in firearms and explosives. 
The silver lining in Australia’s Government cloud strategy
Cloud has been a huge part of the ‘digital transformation’ conversation within Australian government during recent years.
Milestone: How video and IoT are finding their place in enterprise
Milestone Systems South Pacific country manager Jordan Cullis talks about three trends that will revolutionise the way video is viewed in 2019 and beyond.
Largest DDoS-for-hire websites responsible for 11% of attacks worldwide – Nexusguard
The FBI’s shutdown of the world’s 15 largest DDoS-for-hire “booter” websites in December resulted in 85% decrease in average attack sizes, year-over year.
Five things MSPs need to keep in mind in 2019
A Datto APAC channel exec outlines the most important factors for MSP to being paying attention to in the coming year.
Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.