In the News: 2010

"Philip Lieberman, president of Lieberman Software: In-house and internal threats will be a big element of 2011 as organizations begin to understand that anti-virus/malware/phishing software is no longer effective."

"Lieberman Software Corp...announced integrations between its privileged identity management (PIM) solutions and BMC Remedy to record privileged account usage as part of the trouble ticket lifecycle."

"In-house and internal threats will be a big element of 2011 as organisations begin to understand that anti-virus, malware, and phishing software is no longer effective."

"There are those who argue that the age of cloud computing is merely in the minds of the more far-sighted IT visionaries. I have even met those whose businesses are indifferent to the cloud. This indifference may cost them dearly – and soon."

"The word “trust” appears in the tagline for a great many security products and services. But in the business world what we often tout as trust simply boils down to an acceptance of risk and the expectation that we can transfer liability to other parties should that trust be broken."

"According to many security experts, the most prevalent IT security threat arises from negligent insiders. Malicious hackers prey upon enterprise users..."

"Compliance is the big issue for us," says an information security analyst for a large federal credit union that uses Lieberman Software. "We had open audit issues associated with service accounts, passwords that hadn't been changed since dirt was clean."

Reports that a rogue e-mail generated by a Swiss bank employee has cost the organization around £6.2 million in lost business highlights the problem of data leakages caused by email errors, says Lieberman Software.

Phil Lieberman of Lieberman Software comments on Microsoft’s move to make security essentials free to its partners and how this can benefit the company.

Lieberman Software Corporation has released a solution with out-of-the-box integration between the company's privileged identity management (PIM) solutions and Microsoft System Center Service Manager (SCSM).

"Lieberman Identity Management For Dell Servers: Solution Builds Upon the Existing Security of DRAC Products."

"Data center and IT managers should bear in mind that insider attacks are just as imminent as attacks from outside hackers, says Chris Stoneff, senior product manager at Lieberman Software (www.liebsoft.com). He suggests managers consider bringing in applications that automatically change passwords daily."

"Phil Lieberman, advisor to the Senate’s Homeland Security and Government Affairs Committee and president and CEO of Lieberman Software, says the threat of cyberterrorism has grown as high-speed network access has become ubiquitous and affordable."

"Working closely with a vendor on a business plan is a new experience for some resellers. NetBR, a solution provider based in Sao Paolo, Brazil, last year became an authorized reseller of Lieberman Software's privileged identity management products. Andre Facciolli, chief technology officer at NetBR, said Lieberman is the first technology vendor he's worked with on a go-to-market plan."

"How do you ensure that two processes that require the same resources aren’t running at the same time? How can you make sure that you don’t overload a system by running too many concurrent tasks against service applications during the wee hours of the morning? One tool out there that helps you centralize your scheduled task management is Task Scheduler Pro from Lieberman Software."

"[Lieberman Software] attributes the growth to its budding channel partner program and increasing awareness among IT executives of the security risks of unmanaged privileged identities."

"The Lieberman password-manager software is sometimes referred to as a type of "firecall" tool that gives top IT managers a way to approve accounts for elevated rights of domain temporarily. It requires multiple individuals with manager status to approve any elevation of account."

"I've long been an advocate of establishing cybersecurity laws that have teeth and authority to prevent and deter attacks to our infrastructure. I believe that the drafts that we're seeing of Sen. Joe Lieberman's Protecting Cyberspace as a National Asset Act of 2010 are a good first effort from legislators in order to do that."

"Going into 2010, we're repeatedly witnessing pervasive bad behaviors with respect to database security," says Phil Lieberman, CEO of Lieberman Software, a provider of enterprise security and privileged identity management solutions and long-time Oracle partner. Examples include "Common and unchanged DBA accounts being used by multiple administrators, with no ability to audit the actions performed by the database administrators, and unchanged application to database account credentials."

"Having worked with many organizations over the years, I've realized that shared passwords, seldom changed privileged credentials, and employees with too much access and too little accountability are the rule rather than the exception. The outcome is never good: embarrassing security breaches and costly IT audit failures."

"...many organizations seem to grasp too late that implementing a privileged identity management solution is too important a process to delegate to a rubber-stamp RFP or a battle of vendor check boxes.  If handled correctly your implementation can enable you to close critical security loopholes; help make staff members accountable for actions that impact IT service and data security; and lower the cost of regulatory compliance. "

"With a focus on governance, risk and compliance products, Aquion was looking for a password management offering for the enterprise market. This led to the company approaching Lieberman [Software], which provides identity management software."

"Lieberman Software's Enterprise Random Password Manager (ERPM) is a privileged identity management solution that automatically discovers, strengthens, monitors and allows secure recovery of local, domain and process account passwords in the enterprise."

"The growth will be explosive due to the pent up demand from Windows XP users that have been excluded from the improvements in hardware and software technologies due to the XP operating system's inabilities," said Phil Lieberman president and CEO of Lieberman Software. "We will also be seeing ISVs exploiting more of the advanced user interface features of Windows 7 and Server 2008 as they become the de facto standard for desktops and servers."

"This is good news for consumers; bad news for McAfee and Symantec," said Phil Lieberman, president of Lieberman Software. "Since most consumers do not buy antivirus and antimalware software, this is a great example of Microsoft stepping up as a responsible corporate citizen by providing some basic free protection for those consumers that simply can't or won't buy protection."

"IT reseller Nanjgel Solutions has been appointed as an authorised reseller for the Gulf by Lieberman Software."

"The process of evaluating your security defenses isn’t simply a device for putting out fires or satisfying customer complaints about specific system issues. These assessments are tied to a greater worth that ensures that the entire business can operate as expected and that its reputation remains intact, says Phil Lieberman, CEO of Lieberman Software."

“Given the very low cost of replacement hardware that already includes Windows 7, it is generally a big mistake to try to upgrade hardware and especially peripherals (except for printers) that are more than three to five years old,” says Phil Lieberman, president of Lieberman Software. “Most users should use the 64-bit version of Windows 7 with a minimum 4GB of memory.

"Phil Lieberman comments on the breach suffered by iTunes users where download lead to loss of iTunes account information, proving that Apple based systems also need protection from malware."

Allowing unfettered, enterprise-wide access to cloud resources poses significant business risks, observes Philip Lieberman, founder and CEO of privileged identity management provider Lieberman Software. "Business users see the cloud as a way of saving money without understanding the security, audit, or regulatory implications," he says. "Cloud is being brought in through the back door, and when auditors discover what's been done, they need to make a judgment as to what the exposure is"

"In the recent case of AT&T and Apple, their incompetence at building scalable and secure infrastructures -- or the incompetence of the vendors who built their systems -- is on display for the whole world to see," said Phil Lieberman, CEO of Lieberman Software.

Security is the number one inhibitor to cloud adoption and Microsoft has addressed many key issues, according to experts. "By Microsoft providing extensive training and guidance on how to properly and securely use its cloud platform, it can overcome customer resistance at all levels and achieve revenue growth as well as dominance in this new area.," said Phil Lieberman, president of Lieberman Software Corp., a Microsoft Gold Certified Partner that specializes in enterprise security.

"ERPM improves security and regulatory compliance for organizations whose ASP.NET credentials control access to corporate databases and back-end applications tiers."

"Lieberman Software Delivers ASP.NET Credentials Management -- Enterprise Random Password Manager Prevents Unrestricted Access into Corporate Databases"

"Phil Lieberman of Lieberman Software believes that the recent turnover of the SmartPhone management team at Microsoft was well overdue. 'Everyone in Microsoft management needs to ask the question: ‘what about Windows Mobile 7 is going to wow me, make this a different platform and a must buy for everyone?' The world does not need another unreliable phone that runs like a Zune and can kind of play some XBox games.'"

"The rough economy is also posing a greater internal threat to companies' information systems, says Philip Lieberman, CEO of Lieberman Software. High turnover naturally increases the risk that employees on their way out the door will download sensitive information with the intention of offering it to a new employer, Lieberman warns."

"The combination of Raytheon SureView and Lieberman Software’s Enterprise Random Password Manager (ERPM) offers unparalleled protection against insider threats, providing control over administrative access to sensitive data throughout corporate and government networks."

"A partnership between Lieberman Software Corp. and Raytheon Company is underway to provide a comprehensive solution to internal security threats against corporate and government networks."

"Five Key Questions When Considering Working with a Cloud Service Provider"

"One of the largest challenges for consumers of cloud services is attaining transparency into how a public cloud provider is securing its infrastructure. For example, how are identities being managed and secured?"

Phil Lieberman, of Lieberman Software (who was also with me in Munich), says that organizations: "have to ask themselves the question, 'Where do we have accounts? Tell me all of the places where we have accounts, and tell me all the things they use these accounts for.'"

"Cloud computing has the potential to transform business technology, but it brings security issues that IT organizations should consider before trusting their sensitive data to the cloud."

Philip Lieberman has been named an Executive of the Year Finalist in the 2010 American Business Awards.

"As Lieberman puts it, shared accounts are a sad fact of life when IT manages its own systems. Things become a lot trickier, though, when that account-sharing involves third-party services."

"Organizations that deploy Task Scheduler Pro can benefit from increased security through patch reporting, patch deployment, and general program deployment."

"Enterprise Random Password Manager Helps Cloud Service Providers and Large Enterprises Manage and Secure Privileged Identities."

"On show will be Lieberman Software's Enterprise Random Password Manager, which provides privileged password security."

"Lieberman is running a set of 30 minute seminars for security professionals on privileged identity management until the end of July."

"...when it comes to mitigating the risks of negligent insiders, organizations need to move beyond basic training and look for ways to limit the damage. Your first step is to ensure that administrative passwords are regularly changed; that multiple computers, network appliances, or applications don't share identical credentials; and that no passwords are stored on spreadsheets that have unmonitored access."

"The only thing that Microsoft has done with Vista and Windows 7 is to make it much harder to use vulnerabilities in the design of the operating system to be the vector of attack," commented Phil Lieberman, president of Lieberman Software.

"Microsoft is in a no-win situation," said Phil Lieberman, president of Lieberman Software. "If it patches the infected machine, it kills the machine and Microsoft gets blamed. If it detects that the machine is infected and does not patch the machine, the machine is not further damaged, but it is not disinfected and Microsoft gets blamed."

“It’s the height of arrogance for a company to set up business overseas and fail to respect the laws and customs of that country,” says Philip Lieberman, the founder and president of Los Angeles-based Lieberman Software. “China has the right to do what it feels is right for its citizens, and Google has no right to impose its values."

The best way to decide whether to go open source or not is to look at the business case, Lieberman advised. "One thing we see all the time as a vendor of security products is that the decision whether or not to go open source is absolutely a religious decision," he said. "You're either of the religion of Linux and open source or you're of the religion of commercial software."

"Lieberman Software, headed by super smart Phil Lieberman, has long been in the Windows admin market. Now Phil is eying the cloud with Enterprise Random Password Manager, which now brings its identity management features to cloud providers."

Phil Lieberman of Lieberman Software captured this position in the Dark Reading piece: "Problems like using commonly known shared passwords, never changing sensitive passwords, and allowing their employees to have too much access for too long to sensitive data with no accountability is the rule rather than the exception."

"Safeguarding a cloud infrastructure from unmonitored access, malware and intruder attacks grows more challenging for service providers as their operations evolve. And as a cloud infrastructure grows, so too does the presence of unsecured privileged identities – those so-called super-user accounts that hold elevated permission to access sensitive data, run programs, and change configuration settings on virtually every IT component."

"With this version of ERPM, cloud service providers can assure both customers and IT auditors that privileged access to sensitive data is continuously monitored and secured."

"Security software entrepreneur Phil Lieberman had a simple response to the two-minute knockout of IE 8. 'Cool and bravo,' said Lieberman."

"The really sad part of this story [HSBC database breach] is that IT is many times the biggest enemy of security, willing to go to the mat to make sure that security for managing internal threats will never be adopted," says Phil Lieberman, president of Lieberman Software.

"The fact that the VPC [Virtual PC] creates a sandbox for misbehaved programs is exactly what it is supposed to do," said Phil Lieberman, founder and president of Lieberman Software."

"Task Scheduler Pro now supports all major platforms in the Windows enterprise including Windows 7, Windows Server 2008 R2, Windows Server 2008 and Windows Vista."

"Lieberman Software's Enterprise Random Password Manager (ERPM) provides new levels of visibility and control for cloud service providers and large enterprises to secure privileged identities."

"Lieberman Software will launch a new rev of its ID management product called Enterprise Random Password Manager (ERPM). Lieberman said ERPM works best when sitting on a secure enterprise OS such as Windows 7."

"Enterprise Random Password Manager (ERPM) that now delivers fine-grain management features to protect every asset in the cloud infrastructure – including physical and virtual computers and network appliances, hypervisors, databases, middleware, line-of-business applications, and more."

"ERPM continuously discovers, secures, and grants fully audited, role-based administrative access to physical and virtual IT assets within the cloud infrastructure."

The new version of Enterprise Random Password Manager (ERPM) adds the capability for cloud service providers to delegate different levels of privileged access, audit and compliance reporting to end-customers.

Philip Lieberman discusses his thoughts on the Floyd Landis security hack in this newscast.

Lieberman said he would like to ask the lab who had access to the system. "An interesting question about this," he said, "is was there a third party involved that had authorization to get through the firewall to see results and shared that account?"

"In this article, Phil Lieberman argues that last year's data breach at Heartland was less the fault of the company's, and more the result of the lack of smart card technology that credit card issuers refuse to issue in the United States."

 "This type of bug/limitation is not particularly surprising given that this type of exploit requires that a hacker have a very high technical capability as well as the ability to tap into secure network sessions," Lieberman said. "It is an interesting technical exploit, but not particularly likely."

"They have to ask themselves the question, 'Where do we have accounts? Tell me all of the places where we have accounts and tell me all the things they use these accounts for?'" says Phil Lieberman of Lieberman Software, which specializes in privileged user management.

"Commercial organizations can rarely defend themselves against sophisticated government attacks," said Phil Lieberman, chief executive of Lieberman Software, a Los Angeles security software firm.