Story image

Centrify targets local admin access on Macs through latest identity management update

19 Jun 17

Macs in the enterprise are prone to careless administrative account maintenance and passwords are being shared further than they should be, according to Centrify.

According to the company, it is common for organisations to put administrative passwords on Macs and use the same password across all of them. For users who need to install apps, suddenly that password is shared and anyone can gain access.

According to the company, providing local administration rights means that anyone - whether current users, ex-employees, or attackers - have privileged status on Macs.

"This increases your attack surface and makes endpoints an effective target for malware and rogue applications," the company says in a statement.

As a result, the company has tightened up its admin security in the latest update to its Centrify Identity Platform.

The company is targeting administrators who wish to manage local password management for Macs, as well as application management and software distribution. To do this, the company has utilised turnkey integration using the Munki open source solution.

According Centrify's senior director of APAC sales, the latest updates control shared account password management from servers, network devices, Windows and Linux endpoints to Mac.

"At the same time, they simplify Mac application management with Munki support that enables users to install applications without knowing the admin password,” he adds.

Centrify says the local administrator password management works by generating a unique administrator password for each Mac, whether remote machines or those on the corporate network. The admin password is able to be subject to rotation.

Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.