To those of you with runny noses and watery eyes, it will come as no big surprise that it’s allergy season. And, lucky you, if you do have allergies you most likely have more than one. No problem, just take that one big dose (or shot, or drop) that covers them all, right? Sadly, wrong. Treatment for dust mites won’t help for ragweed. Trees and dogs occupy different categories.

Kind of like all those people with their different devices. In this BYOD world we work in, it’s an IT nightmare of different passwords, user names, authentication and security needs. Enough to make eyes water and throats itch. One solution can’t possibly cover all these bases, right? Happily, wrong.

Using Centrify as an “immunity” boost for our existing, familiar Active Directory, our users (PC and MAC) can access a variety of websites from both their desktops and their mobile devices simply by using their existing AD credentials. Centrify also gives them useful tools that allows them to reset their passwords as needed, track the location of their mobile devices, and remote-lock and remote-wipe their mobile devices. One password does it all!

Granting access to these services, while still being able to maintain our privacy (and our customer's privacy) is game changing, but still requires that we keep a vigilant watch on how our internal services interact with our external services. Salesforce,

Google, Office365, WebEX, Box, DropBox, Zendesk and many more already support Centrify directly so it's simple to configure them to work with our Active Directory logins. And we don't even need to open ports on our firewall to do it.

Happy users, less-stressed IT people; it’s a beautiful balance that bring tears to my eyes…or it could be allergies.

Rid yourself of bothersome AD integration symptoms! click here.

I'd like to start a discussion regarding the many offerings we can provide to make your life easier, more productive, and more secure. One area we excel in and can help you out with is Active Directory Integration, Security and Auditing.

Active Directory is wildly popular in the enterprise, and with good reason. It's arguably one of the best products Microsoft has come out with. A single point of entry for new employees, permissions, and security, it's a great way to make sure you know who has access to systems, that password security meets a standard, allows users to be turned on and off centrally, and it 'just works'.

NAPC has partnered for years with Centrify, the leader in Non-Windows AD integration. We've been using them for Unix integration since they first came out with their world class solutions, and they just keep getting better. You probably know of us and them from your Xinet server. We also have been doing Mac desktop integration (Centrify leans on us for this expertise when they need implementation !). Check out our video on easy rollout of desktop macs to get a sense of what can be done, in addition to the basics-

http://www.youtube.com/watch?v=VHrvZiYEZaE

That's just the tip of the iceberg though. Centrify and NAPC can provide data-center wide services- helping implement AD integration across all your *nix systems. There's a very powerful suite of permissions tools included, so you not only get a stable central authentication structure, you also get an easy way to put 'like' servers into admin groups, and assign rights for users and groups to multiple servers simultaneously. This is tremendously efficient. They have the ability to apply sudo permissions as well in this way, all through an easy, intuitive interface.

On top of this, there's even a great story for Windows servers. Centrify gives reporting capabilities that AD itself doesn't. The suite includes much finer grained abilities to search for idle users, accounts, and machines. We've had people fail SOX audits, and been shown the tool in Centrify that  would have caught the exceptions beforehand. And with automated reporting, you can show the auditors you're trapping for this now, and there's no more examples of it. Talk about looking like a hero!

Another example of what can be done is ongoing auditing of systems. You can load a very lightweight client on any Unix or Windows machine that will actually record screen captures of a users actions. That way, if a system goes down, and an Admin or service provider can't remember exactly what they did, you can watch a video of them typing, mistyping, pushing buttons. This helps you from a SOX auditing standpoint for allowing remote providers in, but also allows you to understand exactly what was done that broke the system. This is hugely powerful, not only to speed up recovery, but also from a training perspective for your admins.

This just breaks the surface of what the tools are capable of. Please feel free to reach out and ask what else can be done, or if you have specific needs, or just feel like you could be doing more on the security and auditing front. Odds are, there's a solution that can address your needs, get you home on time, and sleeping soundly!

CreativeBanks 4 Tutorial - Creating a New Bank from FlatheadU on Vimeo.

 

NAPC's CreativeBanks is used for user management for the website of your digital asset management deployment. It integrates with Active Directory, controls access for users, rotates passwords, and even manages branding. Greg Sposato takes the professor's podium at Flathead U to walk us through how to make your first bank in Creative Banks 4. Customizing the theme, adding uploaders, security models, and user notifications are a few steps covered; be sure to watch the video for the full guide.

_______________________________________________________________

 

Once in a while, we find a great tool that solves a big problem, quietly, effectively, and efficiently at an affordable price.

Enter Centrify, a tool that puts all your Linux, Mac and Unix  platforms under Active Directory services. It solves your SOX compliance, security, and auditing requirements, letting you manage and verify all your platforms with minimal effort.

For our customers who operate a Xinet production environment, it brings both the server and the desktops into the AD realm.

We’re aware of two approaches to implementing Centrify in Xinet domains.

One reduces your initial  license cost, but adds some complexity, reduces functionality and is unsupported by Centrify. We don't do this. It does save some upfront costs, and reduces the annual maintenance.

Obviously, we think that approach is deeply flawed.

We’ve built a robust practice around implementing Centrify as a stable, flexible and fully supported tool. Centrify sets a very high standard. Would that all software worked so well.