In the News: 2012

"Lieberman Software Corporation has released Account Reset Console 6.0, the latest version of the company’s self-service password reset solution. The product permits delegated users to reset their own passwords and unlock their own accounts without involving IT staff, helping organizations maintain high productivity levels while simultaneously strengthening security."

"Since few companies use a formal privileged identity management solution, most companies will suffer untold pain from this new generation of malware with little being gained by educating users or using anti-virus plus anti-malware solutions...."

"Account Reset Console resolves one of the most common problems encountered by IT groups in large organizations -- the productivity drain caused when users lose access to systems due to forgotten or expired passwords."

"That said, in an article on PCWorld from November 2011, Philip Lieberman, the founder and president of Lieberman Software, proposes that silent updates could actually be a risk for enterprises."

"Without ERPM, these credentials typically remain unmanaged and can potentially lead to breaches of sensitive business data and violations of regulatory compliance requirements."

"Philip Lieberman, President and CEO of Lieberman Software, discusses 1:1 with Rake Narang, Editor-in-Chief of Network Products Guide, the high-level approach CIOs and CSOs should take when it comes to social networks and mobile devices."

"I spoke to Phil Lieberman, president of Lieberman Software, who told me that every company his firm has engaged with has well-known accounts and passwords -- such as “guest” and “root” -- and these accounts and passwords are generally used each and every day without question."

"Federation and SSO are designed to make the user's life easier, not improve or even maintain the security of their transactions. Logon convenience has its costs, and with free authentication services, you get what you pay for," says Phil Lieberman of Lieberman Software.

Here's where a recent product from Lieberman Software comes in, Enterprise Random Password Manager. According to company officials, it "scans the network, detecting and securing default and well-known privileged logins," the kind so treasured by hackers, disgruntled employees and malware.

"Lieberman Software says that it took coding experts with the University of Michigan just a few hours to compromise the system’s security and ‘elect’ a cartoon character from ’Futurama’ to the Washington DC election board. Philip Lieberman, president and Chief Executive of the security software specialist, says that the multi-stage crack could almost certainly have been prevented had the developers of the electronic voting system built privileged identity management into the system."

"Administrators can use Enterprise Random Password Manager to identify known built-in administrator passwords and default configurations in the network."

"Los Angeles-based Lieberman said that with ERPM, default and other easily cracked and widely known passwords are automatically secured, and IT-authorized administrators are given an authoritative audit trail of their access."

"Lieberman Software Corporation announced that with its latest release, the company's flagship product Enterprise Random Password Manager (ERPM) now offers a solution to identify known, built-in administrator passwords in the network, providing IT staff more knowledge and control to secure privileged accounts against unauthorized access."

Enterprise Random Password Manager's new "known password discovery" feature scans your network, detecting and securing default and well-known privileged logins that make it easy for unauthorized individuals and malware to access private data.

"From Operation Aurora, the 2009 cyber attacks on Google and other large enterprises, to the recent breach of VeriSign, hackers have learnt to exploit a frightening and frequently ignored lapse in network security to gain control of victim networks. Philip Lieberman, president and CEO of Lieberman Software, explains what companies can do to mitigate the risks of falling prey to this trend."

“The issue of not changing passwords on critical infrastructure is epidemic,” says Phil Lieberman, CEO of Lieberman Software. “This is happening in most corporations all over the world.”

"Among these bad behaviors is setting common Superuser and administrator accounts on multiple (or sometimes all) systems to the same never changing password.  This Common Credentials Dilemma means that if one machine becomes compromised and its internal password(s) discovered (look up Rainbow Table Attack on a search engine), any common account/passwords can be used to access other systems.  This is one of the ways that viruses such as Conficker spread."

"The problem is that passwords are a vulnerable means of protecting anything. A recent survey into corporate password usage by Lieberman Software revealed that 51% of those questioned had ten or more passwords to remember, and 42% admitted to actively sharing passwords."

"In the near future, employees who bring their own smartphones, iPads or similar devices to work and connect them to their employers’ networks could risk losing data with no way of getting it back, said Philip Lieberman, president and chief executive officer of Lieberman Software."

"Insider threats backed by malicious intent, and the risks associated with insider breaches will grow in 2012...In a recent survey from Lieberman Software, more than 48 percent of survey participants said they have worked at an organization whose systems got compromised by a hacker."

“Web applications use a stack of middleware that contains sensitive credentials as well as database credentials that are generally not proactively managed. This situation is a result of both a lack of resources and skill to manage the password change process,” says Lieberman, who explains his firm has been refining technology to automate credentials in middleware stacks for the better part of a decade.

There could be legal consequences as well, as Philip Lieberman, president of the Los Angeles security-solutions firm Lieberman Software, pointed out.  "Should an employee's device contain sensitive or proprietary information that is transferred to their new employer," Lieberman said, "the employee could be subject to serious legal consequences."

"According to a survey carried out at InfoSecurity Europe 2011, in London, and the RSA Conference 2011, in San Francisco, IT services contracts were costing more than expected for 62% of businesses. The survey conducted by automation software supplier Lieberman Software found that out of the 500 IT professionals, who responded, a landslide 62% admitted to their outsourcing contracts costing them more than expected, despite turning to the option of outsourcing as a way to cut costs."

“Passphrases are a much better solution to shared secrets compared to simple one-word passwords," says Phil Lieberman, president of Lieberman Software. “Making passphrases more secure than one-word passwords is simple mathematics. The ability to reverse a single-word password is simply a matter of the length of the password itself -- hash lookups."